Systems and methods for identifying an individual

ABSTRACT

The present application relates to systems and methods using biometric data of an individual for identifying the individual and/or verifying the identity of an individual. These systems and methods are useful for, amongst many applications, more secure identification of high-risk individuals attempting to gain access to an entity, transport, information, location, security organization, law enforcement organization, transaction, services, authorized status, and/or funds.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a divisional of U.S. application Ser. No. 15/869,717filed Jan. 12, 2018, which is a divisional of U.S. application Ser. No.15/350,196 filed Nov. 14, 2016 (now abandoned), which is a divisional ofU.S. application Ser. No. 14/794,268 filed Jul. 8, 2015 (now U.S. Pat.No. 9,520,999), which is a continuation of U.S. application Ser. No.13/593,318 filed Aug. 23, 2012 (now U.S. Pat. No. 9,094,211), whichclaims benefit of priority under 35 U.S.C. § 119(e) to U.S. ProvisionalApplication No. 61/528,106 filed Aug. 26, 2011 and U.S. ProvisionalApplication No. 61/674,213 filed Jul. 20, 2012. The entire contents ofthe aforementioned applications are incorporated by reference herein.

FIELD

The present application relates to systems and methods using biometricdata of an individual for identifying the individual and/or verifyingthe identity of an individual. These systems and methods are useful for,amongst many applications, more secure identification of high-riskindividuals at points of access to an entity, transport, information,location, security organization, law enforcement organization,transaction, services, authorized status, funds, and the like.

BACKGROUND

With the increased capability to retrieve evidence and obtain biometricdata belonging to a group of individuals having attempted or succeededin carrying out acts of violence or terrorism, there are growingdatabases managed by many governmental agencies. These databases maycontain complete identification of such persons. However, frequently,databases may contain only partial identification of an individualdeemed to be at high risk of perpetrating additional acts of violence orterrorism. There is a need for more effective identification ofindividuals in order to determine whether an individual presents risk ifpermitted to access an entity, transport, information, location,security organization, law enforcement organization, transaction,services, authorized status, funds, and the like, and optionally, is theperson as recorded upon identification presented. The need for moreeffective identification additionally includes a need to protect thesecurity of the identification information presented by an individual,as well as the privacy of that information.

Embodiments of the present invention may solve one or more of theabove-mentioned problems. Other features and/or advantages, which maysolve additional problems, may become apparent from the descriptionwhich follows.

SUMMARY

In one aspect of the invention, a system for determining an identity ofan individual, is provided including: a processor configured to: a)retrieve individualized identification information of the individualincluding an individualized biometric data of at least a first class anda first individualized identification hash comprising the individualizedbiometric data of the first class and the individualized biometric dataof the second class; b) connect to at least one interrogation databasecomprising a plurality of interrogation biometric data of the secondclass; c) interrogate the at least one interrogation database whereineach of the plurality of interrogation biometric data of the secondclass is hashed together with the individualized biometric data of thefirst class to form a plurality of interrogation database identificationhashes; d) compare each of the plurality of interrogation databaseidentification hashes to the first individualized identification hash;and e) report whether a match of any of the plurality of databaseidentification hashes to the first individualized identification isidentified. The system may further include an identification cardcomprising the individualized identification information of theindividual. The system may further include at least one interrogationdatabase comprising a plurality of interrogation biometric data. Thesystem may additionally include an enrollment database. In someembodiments, the individualized biometric data of the first class may bea fingerprint data or a retinal scan data. In other embodiments, theindividualized biometric data of the first class may be an iris scandata, facial recognition scan data, or a body geometry scan data. Insome embodiments, the individualized biometric data of the first classmay be an iris scan data. In some embodiments, the individualizedbiometric data of the second class may be a DNA data selected from thegroup consisting of a STR profile, a SNP profile, an INDEL profile, andan Alu element. In other embodiments, the individualized biometric dataof the second class may be a DNA data comprising a STR profile. In someembodiments, the individualized biometric data of the at least a firstclass may further include a third or more class of biometric dataselected from the group consisting of a fingerprint scan data, iris scandata, retinal scan data, facial recognition scan data, and body geometryscan data and a DNA data, wherein the DNA data is selected from thegroup consisting of a STR profile, a SNP profile, an INDEL profile, andan Alu element. In various embodiments, when a class of individualizedbiometric data is a DNA data, then the DNA biometric data may be storedin a hashed form, where the hash may be a one-way hash. In someembodiments, the individualized biometric data of the first class may bestored separately from the first individualized identification hash. Invarious embodiments, the first individualized identification hash may bea barcode, alphanumerical or a graphical representation.

The processor of the system may be further configured to compare theindividualized biometric data of the first class and/or the third ormore class of biometric data with at least one interrogation biometricdata of the at least one interrogation database. In other embodiments,the processor may be configured to: retrieve a plurality of partialindividualized identification hashes, each comprising the individualizedbiometric data of the first class and a partial individualized biometricdata of the second class. In some embodiments, the partialindividualized biometric data of the second class may be a single locusor a subset of the loci of individualized biometric data of the secondclass. In some other embodiments, the processor may be furtherconfigured to compare the plurality of interrogation databaseidentification hashes with the plurality of partial individualizedidentification hashes; and to report whether a match is identified. Inyet other embodiments, the processor may be further configured to form aplurality of partial interrogation database identification hashescomprising the individualized biometric data of the first class and eachof a plurality of partial interrogation database biometric data of thesecond class. In some embodiments, the partial interrogation biometricdata of the second class may be a single locus or a subset of the lociof each of the plurality of the interrogation database biometric data.In some embodiments, the processor of the system may be furtherconfigured to compare each of the plurality of partial individualizedidentification hashes with each of the plurality of partialinterrogation database identification hashes; and to report whether amatch is identified. In various embodiments, the processor may befurther configured to: a) read the first class of individualizedbiometric data at a point of contact; and b) confirm the first class ofindividualized biometric data at the point of contact. In yet otherembodiments, the processor is further configured to: a) read the thirdor more class of individualized biometric data at a point of contact;and b) confirm the third class of individualized biometric data at thepoint of contact. In various embodiments, the processor may be furtherconfigured to connect to more than one interrogation database and tointerrogate each of the more than one interrogation databases. In otherembodiments, the processor may be further configured to: a) retrieve anenrollment verification certification; and interrogate an enrollmentdatabase to verify the authenticity of the identification card. In someembodiments, the identification card of the system includes anenrollment verification certification.

The system may further include a biometrics acquisition componentconfigured to acquire individualized biometric data of the at least afirst class and the second class from the individual; where theprocessor of the system may be further configured to: i) convert thebiometric data of the first class into a digitized individualizedbiometric data; ii) store a first instance of the digitizedindividualized biometric data of the first class on the identificationcard; iii) convert the individualized biometric data of the second classinto a digitized individualized biometric data; iv) hash a secondinstance of the digitized individualized biometric data of the firstclass with the digitized individualized biometric data of the secondclass to form a first individualized identification hash; and v) storethe first individualized identification hash on an identification card.In other embodiments, the processor of the system may be furtherconfigured to: a) connect to an enrollment database; b) assign anenrollment verification certification; and c) store the enrollmentverification certification.

The system may also provide a computer readable medium includingcomputer readable instructions configured to instruct the processor to:a) retrieve individualized identification information of the individualcomprising an individualized biometric data of at least a first classand a first individualized identification hash comprising theindividualized biometric data of the first class and the individualizedbiometric data of the second class; b) connect to at least oneinterrogation database comprising a plurality of interrogation biometricdata of the second class; c) interrogate the at least one interrogationdatabase whereby each of the plurality of interrogation biometric dataof the second class is hashed together with individualized biometricdata of the first class to form a plurality of interrogation databaseidentification hashes; d) compare each of the plurality of interrogationdatabase identification hashes to the first individualizedidentification hash; and e) report whether a match of any of theplurality of database identification hashes to the first individualizedidentification hash is identified.

In another aspect, the invention provides an identification cardincluding individualized identification information of an individualincluding an individualized biometric data of at least a first class anda first individualized identification hash including the individualizedbiometric data of the first class and the individualized biometric dataof the second class. In some embodiments, when a class of individualizedbiometric data is a DNA data, then the DNA biometric data may be presenton the identification card in a hashed form. In various embodiments, theindividualized biometric data of the first class may be a fingerprintdata or a retinal scan data. In other embodiments, the individualizedbiometric data of the first class may be an iris scan data. In variousembodiments, the individualized biometric data of the second class maybe a DNA data, selected from the group consisting of a STR profile, aSNP profile, an INDEL profile, and an Alu element. In some embodiments,the individualized biometric data of the second class is a DNA datacomprising a STR profile. In some embodiments, the first individualizedidentification hash may be formed using a one-way hash. Theidentification card may further include individualized biometric data ofa third or more class of biometric data selected from the groupconsisting of a fingerprint scan data, iris scan data, retinal scandata, facial recognition scan data, and body geometry scan data and aDNA data, including a STR profile, a SNP profile, an INDEL profile, oran Alu element. The identification card may further include a pluralityof partial individualized identification hashes, wherein each partialindividualized identification hash includes the individualized biometricdata of the first class and a partial individualized biometric data ofthe second class. In some embodiments, the partial individualizedbiometric data of the second class is a single locus or a subset of theloci of a DNA profile. The identification card may further include anenrollment verification certification.

In another aspect of the invention, a method of identifying anindividual is provided, including the steps of: a) retrievingindividualized identification information including a firstindividualized identification hash of the individual where the firstindividualized identification hash comprises individualized biometricdata of a first class and individualized biometric data of a secondclass; retrieving a individualized biometric data of the first class;accessing at least one interrogation database comprising a plurality ofinterrogation biometric data of the second class; hashing each of theplurality of interrogation biometric data of the second class togetherwith the individualized biometric data of the first class to form aplurality of interrogation database identification hashes; comparingeach of the plurality of interrogation database identification hashes tothe first individualized identification hash; and reporting whether amatch of any of the plurality of database identification hashes to theindividualized identification hash is identified. The individualizedidentification information may be stored on an identification card. Theindividualized identification information may further include a third ormore class of individualized biometric data selected from the groupconsisting of a fingerprint scan data, iris scan data, retinal scandata, facial recognition scan data, and body geometry scan data and aDNA data, wherein the DNA data is selected from the group consisting ofa STR profile, a SNP profile, an INDEL profile, and an Alu element. Insome embodiments, the individualized biometric data of the first classmay be a fingerprint scan data or a retinal scan data. In otherembodiments, the individualized biometric data of the first class may bean iris scan data. In some embodiments, the individualized biometricdata of the second class is a DNA data selected from the groupconsisting of a STR profile, a SNP profile, an INDEL profile, and an Aluelement. In some embodiments, the individualized biometric data of thesecond class is a DNA data comprising a STR profile. In someembodiments, when a class of individualized biometric data is a DNAdata, then the individualized biometric DNA data is stored in a hashedform. In some embodiments, the hashed form of individualized biometricDNA data is a one-way hash. The method may include the steps ofretrieving individualized biometric data of the first class or of thethird or more class; accessing at least one interrogation databasecomprising a plurality of interrogation biometric data of the firstclass or of the third or more class; comparing each of the plurality ofinterrogation database biometric data to the individualized biometricdata; and reporting a match of the database biometric data to theindividualized biometric data. In some of the embodiments of the method,the individualized identification information may include a plurality ofpartial individualized identification hashes, each including theindividualized biometric data of the first class and a partialindividualized biometric data of the second class. In some embodiments,the partial individualized biometric data of the second class may be asingle locus or a subset of the loci of the whole set of loci used indetermining the DNA profile of the individual. In some embodiments, themethod may also include steps of retrieving the plurality of partialindividualized identification hashes; comparing the plurality ofinterrogation database identification hashes with the plurality ofpartial individualized identification hashes; and reporting whether amatch is identified. In other embodiments, the method may also includethe steps of forming a plurality of partial interrogation databaseidentification hashes including the individualized biometric data of thefirst class and each of a plurality of partial interrogation databasebiometric data of the second class. The partial interrogation databasebiometric data may be a single locus or a subset of the loci of each ofthe interrogation database biometric data. The method may furtherinclude the steps of comparing each of the plurality of the partialindividualized identification hashes to each of the plurality of thepartial interrogation database biometric hashes; and reporting whether amatch is identified. In some embodiments, the method also may includethe steps of: reading the first class of individualized biometric dataat a point of contact; and confirming the first class of individualizedbiometric data at the point of contact. In yet other embodiments, themethod may include the steps of reading the third or more class ofindividualized biometric data at the point of contact; and confirmingthe third or more class of individualized biometric data at the point ofcontact. In some other embodiments, the method further includes thesteps of: retrieving an enrollment verification certification; accessingan enrollment database; and determining whether the enrollmentverification certification is valid.

In another aspect, the invention provides a computer readable mediumincluding computer readable instructions, which when executed by acomputer, operates on individualized identification information of anindividual including an individualized biometric data of at least afirst class and a first individualized identification hash including theindividualized biometric data of the first class and an individualizedbiometric data of a second class, and instructs the computer to: a)connect with at least one interrogation database comprising a pluralityof interrogation biometric data of the second class; b) interrogate theat least one interrogation database wherein each of the plurality ofinterrogation biometric data of the second class is hashed together withthe individualized biometric data of the first class to form a pluralityof interrogation database identification hashes; c) compare each of theplurality of interrogation database identification hashes to theindividualized identification hash; and d) report whether a match of anyof the plurality of database identification hashes to the firstindividualized identification hash is identified. In variousembodiments, the biometric data of the first class may be a fingerprintdata or a retinal scan data. In other embodiments, the individualizedbiometric data of the first class may be an iris scan. In variousembodiments, the individualized biometric data of the second class maybe a DNA data selected from the group consisting of a STR profile, a SNPprofile, an INDEL profile, and an Alu element. In some embodiments, theindividualized biometric data of the second class may be a DNA datacomprising a STR profile. In other embodiments, the individualizedidentification information may further include a third or more class ofindividualized biometric data selected from the group consisting of afingerprint scan data, iris scan data, retinal scan data, facialrecognition scan data, and body geometry scan data and a DNA data,wherein the DNA data is selected from the group consisting of a STRprofile, a SNP profile, an INDEL profile, and an Alu element. In variousembodiments, when a class of individualized biometric data is a DNAdata, then the DNA biometric data may be stored in a hashed form. Insome embodiments, the hashed form may be a one-way hashed form. Invarious embodiments, the individualized identification information maybe stored on an identification card. The computer readable medium may befurther configured to instruct the computer to: a) read the first classof individualized biometric data at a point of contact; and b) confirmthe first class of individualized biometric data at the point ofcontact. In other embodiments, the computer readable medium may furtherinstruct the computer to: a) read the third class of individualizedbiometric data at the point of contact; and b) confirm the third classof individualized biometric data at the point of contact. In variousembodiments, the individualized identification information furtherincludes a plurality of partial individualized identification hashes,each comprising the individualized biometric data of the first class andeach of a plurality of partial individualized biometric data of thesecond class. In some embodiments, the partial individualized biometricdata of the second class may be a single locus or a subset of the lociof a DNA profile. The computer readable medium may be further configuredto instruct the computer to: a) retrieve the plurality of partialindividualized identification hashes; b) compare the plurality ofinterrogation database identification hashes with the plurality ofpartial individualized identification hashes; and c) report whether amatch is identified.

In various embodiments, the computer readable medium may be furtherconfigured to instruct the computer to form a plurality of partialinterrogation database identification hashes comprising theindividualized biometric data of the first class and each of a pluralityof partial interrogation database biometric data of the second class. Insome embodiments, the partial interrogation database biometric data maybe a single locus or a subset of the loci of each of the interrogationdatabase biometric data. In some embodiments, the computer readablemedium may further instruct the computer to: a) compare each of theplurality of the partial individualized identification hashes to each ofthe plurality of the partial interrogation database biometric hashes;and b) report whether a match is identified. In various embodiments, thecomputer readable medium may further instruct the computer to: a)retrieve an enrollment verification certification; and b) interrogate anenrollment database to determine whether the enrollment verificationcertification is valid.

In yet another aspect, the invention provides a computer readable mediumincluding computer readable instructions, which when executed by acomputer, operates on at least one biometrics acquisition component, andinstructs the computer to: a) acquire individualized biometric data ofat least a first and a second class from an individual; b) convert theindividualized biometric data of the first class into a digitalelectronic format; c) store a first instance of the digitizedindividualized biometric data of the first class; d) convert theindividualized biometric data of the second class into a digitalelectronic format; e) hash a second instance of the digitizedindividualized biometric data of the first class with the digitizedindividualized biometric data of the second class to form a firstindividualized identification hash; and f) store the firstindividualized identification hash. In some embodiments, the firstindividualized identification hash may be a one-way hash. In variousembodiments, the computer readable medium may further instruct thecomputer to: a) acquire a third or more class of individualizedbiometric data; b) convert the third or more class of individualizedbiometric data to a digital electronic formats; and c) store thedigitized third or more class of individualized biometric data.

In other embodiments, the computer readable medium may further instructthe computer to: a) convert the digitized individualized biometric dataof the second class into a plurality of partial individualized biometricdata of the second class; b) hash a second instance of the digitizedindividualized biometric data of the first class with each of theplurality of the digitized individualized biometric data of the secondclass to form a plurality of partial individualized identificationhashes; and c) store the plurality of partial individualizedidentification hashes. The computer readable medium may be configured tofurther instruct the computer to: a) assign an enrollment verificationcertification; and b) store the enrollment verification certification.In various embodiments, the individualized identification information ofthe individual is stored on an identification card. In variousembodiments, the computer readable medium may further include thecomputer readable medium including computer readable instructions, whichwhen executed by a computer, operates on individualized identificationinformation of an individual including an individualized biometric dataof at least a first class and a first individualized identification hashincluding the individualized biometric data of the first class and anindividualized biometric data of a second class, and instructs thecomputer to: a) connect with at least one interrogation databasecomprising a plurality of interrogation biometric data of the secondclass; b) interrogate the at least one interrogation database whereineach of the plurality of interrogation biometric data of the secondclass is hashed together with the individualized biometric data of thefirst class to form a plurality of interrogation database identificationhashes; c) compare each of the plurality of interrogation databaseidentification hashes to the individualized identification hash; and d)report whether a match of any of the plurality of databaseidentification hashes to the first individualized identification hash isidentified.

In a further aspect, the invention provides a method of enrolling anindividual in a system for identification, comprising the steps of: a)acquiring individualized identification of the individual comprisingindividualized biometric data of at least a first and a second classfrom the individual; b) converting the individualized biometric data ofthe first class into a digital electronic format; c) storing a firstinstance of the digitized individualized biometric data of the firstclass; d) converting the individualized biometric data of the secondclass into a digital electronic format; e) hashing a second instance ofthe digitized individualized biometric data of the first class with thedigitized individualized biometric data of the second class to form afirst individualized identification hash; and f) storing the firstindividualized identification hash. In some embodiments, the firstindividualized identification hash may be a one way hash. The method mayfurther include the steps of: a) acquiring a third or more class ofindividualized biometric data; b) converting each of the third or moreclass of individualized biometric data to a digital electronic format;and c) storing each of the third or more class of digitizedindividualized biometric data. The method may further include the stepsof: a) converting a second instance of the digitized individualizedbiometric data of the second class into a plurality of digitizedindividualized biometric data of the second class; b) hashing a secondinstance of the digitized individualized biometric data of the firstclass with each of the plurality of digitized individualized biometricdata of the second class to form a plurality of partial individualizedidentification hashes; and c) storing the plurality of partialindividualized identification hashes. The method may further include thesteps of: a) assigning an enrollment verification certification; and b)storing an enrollment verification certification. The method may includestoring the individualized identification information of the individualon an identification card.

In another aspect, the invention provides a method of producing theidentification card of an individual, including the steps of: a)acquiring individualized identification of the individual comprisingdigitized individualized biometric data of at least a first class and asecond class from the individual; b) storing a first instance of thedigitized biometric data of the first class on the identification card;c) converting the individualized biometric data of the second class intoa digital electronic format; d) hashing a second instance of thedigitized individualized biometric data of the first class with thedigitized biometric data of the second class to form a firstindividualized identification hash; and e) storing the firstindividualized identification hash on the identification card. In someembodiments, the individualized identification hash may be a one wayhash. The method may further include the steps of: a) acquiringindividualized identification comprising a third or more class ofdigitized individualized biometric data; and b) storing each of thethird or more class of digitized individualized biometric data. Themethod may further include the steps of: a) converting a second instanceof the digitized individualized biometric data of the second class intoa plurality of digitized individualized biometric data of the secondclass; b) hashing a second instance of the digitized individualizedbiometric data of the first class with each of the plurality ofdigitized individualized biometric data of the second class to form aplurality of partial individualized identification hashes; and c)storing the plurality of partial individualized identification hashes.The method may further include the step of storing an enrollmentverification certification on the identification card.

According to another exemplary embodiment of the invention, there isprovided a system for determining an identity of a person, including anidentification card which includes individualized identificationinformation containing individualized biometric data of at least a firstclass and individualized biometric data of a second class, wherein theindividualized biometric data of the first class and the individualizedbiometric data of the second class are hashed together to form anindividualized identification hash; and a processor configured to: a)connect to at least one interrogation database comprising a plurality ofinterrogation biometric data of the second class wherein each of theplurality of interrogation biometric data of the second class has aninterrogation database identifier; b) interrogate the at least oneinterrogation database wherein each of the plurality of interrogationbiometric data of the second class is hashed together withindividualized biometric data of the first class to form a plurality ofinterrogation database identification hashes; c) compare each of theplurality of interrogation database identification hashes to theindividualized identification hash; and d) report a match of thedatabase identification hash to the individualized identification hash.The individualized biometric data of the first class may be afingerprint data or a retinal scan data. The individualized biometricdata of the second class may be a DNA data. When the individualizedbiometric data of the second class is a DNA data, it may be a STRprofile. Alternatively, the DNA data may be a SNP profile. In otherembodiments, the DNA data may be an INDEL profile. In some embodimentsof the system, the individualized biometric data further includes athird class of individualized biometric data. The system may provide anidentification card wherein when a class of individualized biometricdata is a DNA data, then the DNA individualized biometric data ispresent on the identification card in a hashed form. In someembodiments, the DNA individualized biometric data present as a hashedform may be a one way hash. In some embodiments, the individualizedidentification hash stored on the identification card is a graphicalrepresentation. In various embodiments of the system, the individualizedidentification hash on the identification card may be a barcode. Inother embodiments, the individualized identification hash is analphanumeric representation.

The processor of the system may be further configured to: a) read thefirst class of individualized biometric data at a point of contact; andb) confirm the first class of individualized biometric data at the pointof contact. In yet other embodiments, when a third class ofindividualized biometric data is provided on the identification card,the processor is further configured to read the third class ofindividualized biometric data at the point of contact; and confirm thethird class of individualized biometric data at the point of contact. Inother embodiments, the processor is further configured to retrieve anenrollment verification certification from the identification card; andinterrogate an enrollment database to verify the authenticity of theidentification card. In some embodiments of the system, the system mayfurther include a) a biometrics acquisition component configured toacquire individualized biometric data of at least a first and a secondclass from the individual; and b) a processor configured to i) convertthe individualized biometric data of the first class into a digitalelectronic format; ii) store a first instance of the digitizedindividualized biometric data of the first class on the identificationcard; iii) convert the individualized biometric data of the second classinto a digital electronic format; iv) hash a second instance of thedigitized individualized biometric data of the first class with thedigitized individualized biometric data of the second class to form anindividualized identification hash; and v) store the individualizedidentification hash on the identification card. In some embodiments, thesystem also includes at least one interrogation database. In otherembodiments, the system includes an enrollment database.

According to another exemplary embodiment of the invention, there isprovided an identification card configured to operate in the system fordetermining an identity of a person. The identification card may includeindividualized biometric data of at least a first class andindividualized biometric data of a second class, where theindividualized biometric data of the first class and the individualizedbiometric data of the second class may be hashed together to form anindividualized identification hash. In some embodiments, theindividualized identification hash may be formed using a one-way hash.The identification card may include the individualized biometric data ofthe first class stored separately from the individualized identificationhash. The identification card may include individualized biometric dataof the first class including a fingerprint data or a retinal scan data.The identification card may include individualized biometric data of thesecond class including a DNA data. In some embodiments, theindividualized biometric data of the second class may be a STR profile.In yet other embodiments, the individualized biometric data of thesecond class may be a SNP profile. In other embodiments, theindividualized biometric data of the second class may be an INDELprofile. An identification card is provided that may also includeindividualized biometric data including a third class of individualizedbiometric data. In some embodiments when the identification cardincludes three classes of individualized biometric data, theindividualized biometric data of the third class may include a DNA data.An identification card according to the invention is provided where whena class of individualized biometric data is a DNA data, then the DNAbiometric data is present on the identification card in a hashed form.In some embodiments, the hash is a one way hash.

According to another exemplary embodiment of the invention, there isprovided a method of identifying an individual including a) retrievingan individualized identification hash stored on an identification cardof the individual wherein the individualized identification hash isformed from individualized biometric data of a first class andindividualized biometric data of a second class; b) retrieving anindividualized biometric data of the first class stored on theidentification card; c) accessing at least one interrogation databasecomprising a plurality of interrogation biometric data of the secondclass wherein each of the plurality of interrogation biometric data ofthe second class has an interrogation database identifier; d) hashingeach of the plurality of interrogation biometric data of the secondclass together with the individualized biometric data of the first classto form a plurality of interrogation database identification hashes;comparing each of the plurality of interrogation database identificationhashes to the individualized identification hash; and e) reportingwhether a match of the database identification hash to theindividualized identification hash is identified. In some embodiments,the method may include the steps of a) reading the first class ofindividualized biometric data at a point of contact; and b) confirmingthe first class of individualized biometric data at the point ofcontact. In some embodiments, the individualized biometric data of thefirst class stored on the identification card may be a fingerprint dataor a retinal scan data. In other embodiments, the individualizedbiometric data of the second class may be a DNA data. In someembodiments the DNA data may be a STR profile. In some embodiments, whena class of individualized biometric data is a DNA data, then the DNAbiometric data may be present on the identification card in a hashedform. In other embodiments, when the DNA biometric data is present onthe identification card in a hashed form, it is a one way hash. In someembodiments, the individualized biometric data of the first class may bea retinal scan data. The method according to the invention may alsoprovide wherein the individualized biometric data may further include athird class of individualized biometric data. In some embodiments, whenthe individualized biometric data includes three classes ofindividualized biometric data, the processor may be further configuredto a) read the third class of individualized biometric data at the pointof contact; and b) confirm the third class of individualized biometricdata at the point of contact. The method according to the invention mayalso include the steps of a) retrieving an enrollment verificationcertification from the identification card; b) accessing an enrollmentdatabase; and c) determining whether the enrollment verificationcertification is valid.

According to another exemplary embodiment of the invention, there isprovided a method of enrolling an individual in a system foridentification, including the steps of a) acquiring individualizedbiometric data of at least a first and a second class from theindividual; b) converting the individualized biometric data of the firstclass into a digital electronic format; c) storing a first instance ofthe digitized individualized biometric data of the first class on anidentification card; d) converting the individualized biometric data ofthe second class into a digital electronic format; e) hashing a secondinstance of the digitized individualized biometric data of the firstclass with the digitized individualized biometric data of the secondclass to form an individualized identification hash; and f) storing theindividualized identification hash on the identification card.

According to yet another exemplary embodiment of the invention, there isprovided a computer readable medium including computer readableinstructions, which, when executed by a computer in communication withan identification card including an individualized biometric data of afirst class and an individualized identification hash formed from theindividualized biometric data of the first class and an individualizedbiometric data of a second class, is configured to a) connect with atleast one interrogation database comprising a plurality of interrogationbiometric data of the second class wherein each of the plurality ofinterrogation biometric data of the second class has an interrogationdatabase identifier; b) interrogate the at least one interrogationdatabase wherein each of the plurality of interrogation biometric dataof the second class is hashed together with the individualized biometricdata of the first class to form a plurality of interrogation databaseidentification hashes; c) compare each of the plurality of interrogationdatabase identification hashes to the individualized identificationhash; and d) report a match of the database identification hash to theindividualized identification hash In some embodiments, wherein thecomputer may be configured to a) read the first class of individualizedbiometric data at a point of contact; and b) confirm the first class ofindividualized biometric data at the point of contact. In someembodiments, the individualized biometric data of the first class may bea fingerprint data or a retinal scan data. In other embodiments, theindividualized biometric data of the second class may be a DNA data. Insome embodiments, the individualized biometric data of the second classmay be a STR profile. In some embodiments, the individualized biometricdata of the first class may be a retinal scan data. In some embodimentsof the computer readable medium of the invention, the individualizedbiometric data may include a third class of individualized biometricdata. In some embodiments, the third class of individualized biometricdata may be a DNA data. In some embodiments, the third class ofindividualized biometric data may be a STR profile. In some embodimentsof the computer readable medium when the individualized biometric dataincludes a third class of individualized biometric data, the computermay be further instructed to a) read the third class of individualizedbiometric data at the point of contact; and b) confirm the third classof individualized biometric data at the point of contact.

According to yet another exemplary embodiment of the invention, there isprovided a computer readable medium including computer readableinstructions, which when executed by a computer in communication with abiometrics acquisition component, is configured to a) acquireindividualized biometric data of at least a first and a second classfrom an individual; b) convert the individualized biometric data of thefirst class into a digital electronic format; c) store a first instanceof the digitized individualized biometric data of the first class on anidentification card; d) convert the individualized biometric data of thesecond class into a digital electronic format; e) hash a second instanceof the digitized individualized biometric data of the first class withthe digitized individualized biometric data of the second class to forman individualized identification hash; and f) store the individualizedidentification hash on the identification card.

Additional objects and embodiments of the invention may be set forth inor flow from the following description, and may in part be evident fromthe description, or may be learned by practice of the invention. Theobjects of the invention will be realized and attained by means of theelements and combinations particularly pointed out in the appendedclaims.

It is to be understood that both the foregoing general description andthe following detailed description are exemplary and explanatory onlyand are not in any way restrictive of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a schematic representation of one embodiment of theidentification system of the present invention.

FIG. 1B is a schematic representation of one embodiment of theidentification system of the present invention.

FIG. 2A-1 is a schematic representation of an embodiment of theidentification system of the present invention.

FIG. 2A-2 is a schematic representation of an embodiment of theidentification system of the present invention.

FIG. 2B-1 is a schematic representation of an embodiment of theidentification system of the present invention.

FIG. 2B-2 is a schematic representation of an embodiment of theidentification system of the present invention.

FIG. 3A is a schematic representation of an embodiment of an Enrollmentcomponent of the present invention depicting enrollment.

FIG. 3B is a schematic representation of an embodiment of an Enrollmentcomponent of the present invention depicting enrollment.

FIG. 4A is a schematic representation of an embodiment of the databaseinterrogation of the present invention.

FIG. 4B is a schematic representation of an embodiment of the databaseinterrogation of the present invention.

FIG. 4C is a schematic representation of an embodiment of the databaseinterrogation of the present invention.

FIG. 4D is a schematic representation of an embodiment of the databaseinterrogation of the present invention.

FIG. 5A is a schematic representation of an embodiment of theverification component of the present invention.

FIG. 5B is a schematic representation of an embodiment of theverification component of the present invention.

FIG. 6A is a schematic representation of an embodiment of an enrollmentmethod according to the present invention.

FIG. 6B is a schematic representation of an embodiment of an enrollmentmethod according to the present invention.

FIG. 7A is a schematic representation of an embodiment of anotherenrollment method according to the present invention.

FIG. 7B is a schematic representation of an embodiment of anotherenrollment method according to the present invention.

It is to be understood that the figures are not drawn to scale, nor arethe objects in the figures necessarily drawn to scale in relationship toone another. The figures are depictions that are intended to bringclarity and understanding to various embodiments of apparatuses,systems, and methods disclosed herein. Wherever possible, the last twodigits of reference numbers will be used throughout the drawings torefer to the same or like parts.

DESCRIPTION OF VARIOUS EXEMPLARY EMBODIMENTS

The section headings used herein are for organizational purposes onlyand are not to be construed as limiting the described subject matter inany way. When definitions of terms in incorporated references appear todiffer from the definitions provided in the present teachings, thedefinition provided in the present teachings shall control. It will beappreciated that there is an implied “about” prior to the valuesdiscussed in the present description, such that slight and insubstantialdeviations are within the scope of the present teachings. In thisapplication, the use of the singular includes the plural unlessspecifically stated otherwise. Also, the use of “comprise”, “comprises”,“comprising”, “contain”, “contains”, “containing”, “have”, “having”,“include”, “includes”, and “including” are not intended to be limiting.

Repeated usage of the phrase “in one embodiment” does not necessarilylimit to usage to that same embodiment, although it may.

Unless otherwise defined, scientific and technical terms used inconnection with the present teachings described herein shall have themeanings that are commonly understood by those of ordinary skill in theart. Generally, nomenclatures utilized in connection with, andtechniques of, molecular biology, and oligo- or polynucleotide chemistryand amplification and detection thereof described herein are those wellknown and commonly used in the art.

“Access to an entity, transport, information, location, securityorganization, law enforcement organization, transaction, services,authorized status, funds, and the like” may include an entity such as asovereign nation; restricted zone; an executive board; committee orgovernance body; private or public institution with controlled access,to name a few non-limiting examples. “Information” as used in thiscontext refers to information which may have security, privacy ordistribution controls placed upon it. “Transport” as referred to in thiscontext, includes but is not limited to air, rail, automobile, or marinetransportation modes. “Location” as referred to in this context,includes but is not limited to a geopolitical region, a private facilityor grounds, a controlled access portion of a work or education facility.“Security organization” as referred to in this context refers to anintelligence community, an intelligence organization, and other threatsensitive organizations, both governmental and nongovernmental. “Lawenforcement organization” as referred to in this context refers tolocal, state, federal, military or international police or investigativeforce. Access to law enforcement organization can include gainingauthorized status as an employee or consultant. Access to lawenforcement organization can also include detainee processing orarraignment testing as individuals suspected of being high risk areprocessed into a law enforcement or security organization. “Transaction”as referred to in this context, includes but is not limited to financialtransactions, including but not limited to banking, purchase of airlinetickets, exercise of voting franchise, and purchase of controlled accessmaterials including firearms, alcohol, and medications. “Services” asreferred to in this context, includes but is not limited to bankingservices, healthcare services, governmental benefit services, and thelike. “Authorized status” as referred to in this context, includes butis not limited to a high security position within intelligence,security, law enforcement, and other threat sensitive organizations,threat assessment at the time of enrollment in the identificationsystems of the invention, including but not limited to assessmentagainst known criminal, terrorist, and suspect databases, gun permit,drivers license, voter registration, government benefits registration,explosives certification, hazardous chemical handling certification,pilot license, commercial transportation license including but notlimited to bus and trucking commercial licenses, radioactive materialshandling certification, transportation worker credentials, workingrights authorization including but not limited to permanent residentstatus, temporary worker status visas, and clearance for work permits inconstruction, transport and other security-sensitive work areas,national entry visas, including tourist or long term visitor, and thelike. “Funds” as referred to in this context, includes cash, cashequivalents, credit and the like.

“Biometric data” as used herein, refers to data related to physiologicalaspects of an individual and may include skin recognition, including butnot limited to fingerprints and palmprints; body geometry features,including but not limited to ear, hand, finger, and the like; facialfeatures; face images; voice; voice prints; optical recognition,including but not limited to iris scans and retinal scans; signatures;blood typing; nucleic acid profiles, including deoxyribonucleotide (DNA)profiles and ribonucleic acid (RNA) profiles; protein assays; infraredidentification, including but not limited to face, hand, and handvein;and the like. One or more of these may be used in any combination. Inaddition to any of the biometric data described in the previoussentence, biometric data may include gait recognition, which may be usedalone or in any combination with other biometric data.

DNA data include but are not limited to Short Tandem Repeat (STR);Single Nucleotide polymorphism (SNP); Insert and Deletion (INDEL)sequences; Alu elements and other non-STR repeat sequences. In someembodiments, the DNA data is any polymorphic DNA sequence that can beused for human identification.

STR profile: Common sets of short tandem repeat (STR) markers or “coreloci” permits equivalent genetic information to be shared and compared.These core STR loci occur in between genes where a high degree ofvariability is tolerated and are thus not directly responsible forphysical traits or genetic diseases. The “core loci” are often used inhuman identity testing such as parentage testing and missing persons andmass disaster investigations, as well as for entry of DNA genotype datainto national or international databases used to link serial crimes andoffenders. Presently, the FBI has generated 13 core STR loci as thebasis for the genetic fingerprinting of an individual and maintains adatabase of such information for later reference. Other internationalorganizations focus on different, but overlapping sets of STR loci, asshown in TABLE 1. STR loci that may be tested include one of more of thefollowing loci: DYS456, DYS389I, DSY390, DYS 389II, DYS458, DYS19,DSY385, DYS393, DYS391, DYS439, DYs635, DYS392, Y_GATA_H4, DYS437,DYS438, DYS448, D13S317, D12S391, D22S1045. DYF387S1, DYF399S1,DYF403S1, DYF404S1, DYS449, DYS518, DYS526, DYS547, DYS570, DYS576,DYS612, DYS626, DYS627, D21S1, Penta E, and Penta D. One of skill candetermine that additional loci may be useful to add to a STR profile,and the listing herein is by no means limiting. Many commerciallyavailable kits may used to generate a STR profile from a biologicalsample, including but not limited to AmpFLSTR® kits (including any ofIdentifiler®, Identifiler®Plus, Identifiler®Direct, Yfiler®, Minifiler™,NGM™, NGM SElect™, Profiler®, Profiler Plus®, Profiler Plus 10,COfiler®, SGM Plus®, SEfiler Plus™ from Applied Biosystems®),Investigator Quantiplex HYres kits from Qiagen, and PowerPlex® kits fromPromega.

TABLE 1 US Core loci CSF1PO; FGA; TH01; TPOX; VWA; D3S1358; D5S818;D7S820; D8S1179; D13S317; D16S539; D18S51; D2S11; and Amelogenin.Extended European Standard FGA; TH01; VWA; D1S1656; D2S441; D3S1358;D8S1179; Set (ESS) D10S1248; D18S51; D21S11, and D22S1045. EuropeanAdditional Loci D2S1338; D16S539; D19S433; SE33; and Amelogenin. UK CoreLoci FGA; TH01; VWA; D2S1338; D3S1358; D8S1179; D16S539; D18S51;D19S433; D2S11; and Amelogenin. German Core Loci FGA; TH01; SE33; VWA;D3S1358; D8S1179; D18S51; D2S11; and Amelogenin. Interpol Standard setof FGA; TH01; VWA; D3S1358; D8S1179; D18S51; D2S11; and Loci optionally,Amelogenin.

SNP profile: Single nucleotide variants in a DNA sequence may be incoding, noncoding or intergenic regions of genes, differing betweenmembers of a biological species or between paired chromosomes of anindividual. Some SNP sequences may be related to phenotypiccharacteristics of an individual. This data may be of particular use ifattempting to interrogate data where there is incomplete personalinformation for a biometric data set.

INDEL profile: Insertion and deletion sequences include the followingtypes of insertion/deletions: insertions or deletions of single basepairs; expansions by only one base pair (monomeric base pairexpansions); multi-base pair expansions of about 2 to about 15 repeats;transposon insertions (insertions of mobile elements); and random DNAsequence insertions or deletions.

Alu element: Alu elements are mobile and repetitive elements in thehuman genome. Alu elements are generally about 300 bp and are consideredas a short interspersed element (SINE) within the broad class ofrepetitive DNA elements. Derived from the small cytoplasmic 7SL RNA,these inserted elements are interspersed throughout the genome. About7,000 Alu elements are unique to humans, and some may result in disease.Alu elements are useful in human identification as Alu element insertionevents have characteristic signatures and reveal details of ancestry andrelatedness.

Biometric Acquisition. There are numerous vendors of biometricacquisition instrumentation that may be used for the enrollment,verification and authentication aspects of the identification system andmethods of the invention. Vendors include but are not limited toBiometric Information Management, Biometric4all, Cogent Systems, Inc.,CrossMatch Technologies, Inc., Dataworks Plus, First Advantage, FulcrumBiometrics LLC, Futronic Technology Co. Ltd., Identix Incorporated,Innovative Biometric Systems., Logitech, Morphotrak Biometric Solutions,NEC, Sagem, Telos ID, and the like.

Biometric Digitization. A wide variety of conversion algorithms toprovide a digitized representation of each type of biometric data ispossible. Many of the biometric acquisition vendors include softwaredevelopment kits (SDKs) with instrumentation and other SDKs may beavailable from sources other than the instrumentation manufacturer.

A non-limiting example of fingerprint acquisition and digitization mayutilize a fingerprint scanner such as are provided by FutronicTechnology Co. Ltd and one possible fingerprint extraction SDK isVerifinger SDK 6.4 from Neurotechnology, where the SDK includes SourceCode, Documentation, and Demo Applications. In some embodiments, thedigitized fingerprint scan data conforms to the ANSI/NIST digitizationstandard. The digitization may also conform to the FBI/AFIS standards.Iris scanning and digitization includes but is not limited to an I SCAN™2, a dual iris capture scanner from Crossmatch Technologies, whichincludes SDK software to enable image finding and stabilization, pupilsegmentation and produces an iris image meeting format specifications ofthe ANSI INCITS 379-2004 and ISO/IEC 19794-6 standards. Facialrecognition scanning may be accomplished by a number of devicesincluding but not limited to QuickCam Orbit AF from Logitech. Either theiris scan data or the facial recognition scan data may be extractedusing Verifinger SDK 6.4 from Neurotechnology.

“Hash”, “hashed” or “hashing” as used herein, refers to datatransformation which converts variable sized data to anotherrepresentation. “Hash” as used herein, includes usage as both verb andnoun forms. For example, a hash can be the representation resulting fromthe data transformation. The representation may be of fixed data size,same data size, different data size or variable data size. Therepresentation may be of the same data type or another data type,including but not limited to numerical, alphabetical, graphical, oraudio. The graphical representation may be pictorial or schematic,including but not limited to a barcode representation. Therepresentation may be encrypted. The encrypted representation may beinvertible with or without a key, or the encrypted representation may beencrypted one-way.

Many forms of data transformation are useful in this invention. In someof the embodiments of the invention, the hashing produces the same endvalue for a given input data every time the hash is produced. Thehashing also provides unique values for unique input, thus providinguniform distribution of the hash values within a potential range, andpreventing differing input biometric data from mapping to the same hashvalue. One of skill can determine other data manipulation that may beuseful for storage of the hash values as enrollment databases enlarge.

Some useful cryptographic hash functions include BLAKE-256, BLAKE-512,ECOH, FSB, GOST, Grøstl, HAS-160, HAVAL, JH, Keccak, MD2, MD4, MD5, MD6,RadioGatún, RIPEMD-64, RIPEMD-160, RIPEMD-320, SHA-0, SHA-1, SHA-224,SHA-256, SHA-384, SHA-512, Skein, Snefru, Spectral Hash, SWIFFT, Tiger,and Whirlpool.

An additional level of data transformation may be used to verify dataintegrity and to authenticate the hash values represented on anidentification card of the invention. A Hash-based MessageAuthentication Code (HMAC) may be used to combine the cryptographic hashfunctions described above with a secret key. One definition of the HMACalgorithm from a source, RFC 2014 code, defines the algorithm asfollows:

-   -   H(⋅) is a cryptographic hash function.    -   K is a secret key, for example, padded to the right with extra        zeros to the input block size of the hash function, or the hash        of the original key if it is longer than that block size;    -   m is the message to be authenticated;    -   ∥ denotes concatenation;    -   ⊕ denotes exclusive or (XOR);    -   opad is the outer padding (0x5c5c5c . . . 5c5c, one-block-long        hexadecimal constant);    -   ipad is the inner padding (0x363636 . . . 3636, one-block-long        hexadecimal constant).

Then HMAC(K,m) can be mathematically defined as:HMAC(K,m)=H((K⊕pad)∥H((K⊕ipad)∥m)), in one non-limiting example. Thecryptographic strength of the HMAC depends upon the size of the secretkey that is used. The most common attack against HMACs is brute force touncover the secret key. HMACs are substantially less affected byindependent values mapping to the same hash values, i.e. collisions,than their underlying hashing algorithms alone. Therefore, HMAC-MD5 doesnot suffer from the same weaknesses that have been found in MD5, forexample.

Hashing methods allowing some degree of dissimilarity while stillfinding identity between two substantially similar files are widelyavailable and are often referred to as fuzzy hash functions. Contexttriggered piecewise hashing is one method of matching not quiteidentical sets of bits of information. An example of such a methodcombines a rolling hash with a piecewise hash, as devised by Kornblum(Kornblum, Digital Investigation 3S (2006), pp S91-S97). Other fuzzyhashing tools include ssdeep and deeptoad. Additionally, fuzzy hashalgorithms are disclosed in U.S. Patent Application Publications2011/0093426 and 2011/0067108 (Hoglund), for classifying data objectsincluding DNA sequences.

In some embodiments of the invention, hashing methods are used thatallow a predetermined degree of dissimilarity when comparing two hashesfor identity. Even a small change, for example, in orientation of afingerprint scan, may provide a digitized form that yields a differenthash from a different fingerprint scan taken from the same finger at adifferent time, location or after a degree of physiologicalmodification. These hashing methods can be useful when differences inthe source or target biometric data do not provide an exact match but dopossess a degree of similarity high enough for a positiveidentification. Therefore, the processor may be instructed to notrequire perfect identity to signal a match. DNA profiles may alsodemonstrate some dissimilarity upon hashing, but still be capable ofbeing detected by the processor as representing a reasonable match.Allowing some degree of dissimilarity while still determining that amatch has been identified, can initiate a further inquiry into theidentity of the individual presenting the identification card.

“Identification card” as used herein, includes but is not limited todocuments, magnetic disks, magnetically encoded cards, credit cards,bank cards, phone cards, stored value cards, prepaid cards, smart cards(e.g., cards that include one more semiconductor chips, such as memorydevices, microprocessors, and microcontrollers), contact cards,contactless cards, proximity cards (e.g., radio frequency (RFID) cards),passports, driver's licenses, network access cards, employee badges,debit cards, security cards, visas, immigration documentation, nationalID cards, citizenship cards, social security cards, security badges,certificates, including but not limited to explosives certification,hazardous chemical transport, radioactive materials handing and/ortransport), voter registration and/or identification cards, police IDcards, border crossing cards, security clearance badges and cards, legalinstruments, gun permits, badges, gift certificates or cards, membershipcards or badges, and tags. In some embodiments, the identification cardmay alternatively be incorporated into another device such as a cellphone, pager, wrist watch, computer, thumb drive, tablet device (e.g.,iPad™ or), personal digital assistant such as a Blackberry™, key fob, orother commonly available electronic device. Such cards can includetechnology to prevent counterfeiting such as incorporation of holograms,fluorescent inks, quantum dots, or other techniques. In addition to anyof the identification cards described in the preceding sentence, anidentification card may also include a near field communication (NFC)card.

As shown by the description above, the identification card may have thephysical form of a card or may be an electronic representation. Thecard, when it is an electronic representation, does not have to have aphysical form separate from the device carrying the informationcomprising the identification card as described in the followingsections. An electronic representation of the identification may alsohave some or none of the information physically stored on the physicaldevice presented by the individual. Any, some or all of the informationmay be stored in an enrollment database or other database remote fromthe point of contact and accessed upon presentation of theidentification card. When the identification card does not store theidentification information on the card, any or all of the informationmay be accessed by a password or other electronic entry permissiongranting procedure. As used herein, “stored on the identification card”refers to either information physically stored on the card in anysuitable medium or to information accessible as described above uponpresentation of the identification card. The description also uses theterms such as “secure,” “protected,” “encrypted,” “authenticated,” etc.These terms refer to a given level of security, protection,authenticity, etc.

The term “report” as used herein includes information or directivesrelated to the outcome of the comparison between biometric data of theindividual as presented at a point of contact, biometric data of aninterrogation database, biometric data of the individual as enrolled inthe system, and biometric data obtained from the individual at the pointof contact. A report by the processor includes issuing a conclusionwhether the biometric data of the individual matches biometric data ofan entry in an interrogation database, and may include a directive tofurther investigate the relationship between the individual and theknown or unknown person from whom the biometric data in theinterrogation database was obtained. In some embodiments, when at leastone partial individualized identification hash of the individual matchesa partial interrogation database identification hash, the report mayinclude the percentage of alleles matched data, and number of locicompared. This report may also issue a conclusion that a lessstringently defined association has been found between the interrogationdatabase entry and the individual presenting the identification card.The computer program may further instruct the processor to issue aconclusion indicating a potential familial connection. A directive maybe included in the report to further investigate the relationshipbetween the individual and the partially matching biometric data of theinterrogation database. A report by the processor includes issuing aconclusion whether the biometric data of the individual obtained at thepoint of contact matches the biometric data obtained from the individualat the time of enrollment and stored on an identification card and/orother databases. This report may include the directive to furtherinvestigate the credentials of the individual if no match is reported. Areport by the processor includes issuing a conclusion whether anenrollment verification certification stored on the identification cardpresented by the individual is authentic and matches the enrollmentverification certification assigned at the time of enrollment of theindividual, which may be stored in an enrollment database or otheraccessible database. This report may include the directive to furtherinvestigate the credentials of the individual if no match is reported.

Any of the reports described above may also include issuance of areport, in an electronic or other suitable medium, to an externalauthority, such as for instance a law enforcement agency, immigrationcontrol agency, airport security personnel, and licensing authority, andthe like, requiring further investigation of the match or lack of match.In some embodiments, the security agency is a governmental agency.Non-limiting examples of a directive included in a report is denial ofthe request by the individual for access to an entity, transport,information, location, transaction, services, authorized status, orfunds, and/or a requirement to detain the individual at the point ofcontact until further investigation is made or another authority assumescontrol of the investigation.

There are numerous situations where an individual is required to providean identification card in order to be granted access to an entity,transport, information, location, security organization, law enforcementorganization, transaction, services, authorized status, funds, and thelike. However, in many instances, for example, at a border control pointor an airport security point, simple comparison of the name of theindividual to a list of high-risk individuals who are deemed to be notsuitable for admission to that national entity, does little to preventacts of violence and/or terrorism. Individuals may present easily forgedor fake personal identification and identical names may falsely label aninnocent person as a high risk individual. Biometric data has been usedto verify an individual's identity, including systems where anindividual is previously enrolled by submitting biometric data forincorporation into a central database, for comparison, upon presentationof an identification card issued therefrom at a later date, to validatethat individual's identity as that of the enrolled individual. Thisprocess, too, falls short of identifying persons, who may be known toother organizations as individuals previously implicated in violence orterrorism. Simple comparison of the biometric data incorporated in theidentification card to the database does not prevent the use of stolenor faked biometric data combined with true personal identification suchas a photograph as there is no real time crosscheck of the match betweenthe person presenting the card and the information incorporated in theidentification card.

None of these systems will identify an individual who may haveparticipated in an act of violence or terrorism previously withoutadditionally encompassing innocent individuals who have somecharacteristics in common, such as name or physical description.

Additionally, while biometric data are useful personal identifiers, itis also desirable to prevent unauthorized access or theft of such data.Unlike passwords and the like, individualized biometric data cannot berevoked and reissued after a breach of security.

There are a number of databases being managed and developed by agencieswho gather evidence from attempted or successful acts of violence andterrorism, which include biometric data including, without limitation,fingerprints, voice recordings, DNA samples from which DNA data may bedeveloped, and the like, which are entered into the database.

It is of interest to be able to interrogate these databases to identifyindividuals who may request access to an entity, transport, information,location, transaction, services, authorized status, funds, and the like,but who may be at high risk of attempting acts of violence or terrorism.Additionally, it would be useful to definitively verify the identity ofan individual who is legitimately requesting access to an entity,transport, information, location, transaction, services, authorizedstatus, funds, and the like.

As described herein, comparison of interrogation database biometric datacontaining DNA data with individualized identification information of anindividual comprising DNA data is made using only hashed data topreserve the security and privacy of the DNA data of the individual. Forexample, a first and a second class of individualized biometric data arehashed and at least a first individualized identification hash so formedis stored for later retrieval and use in the system of identificationdescribed herein. A second instance of the individualized biometric dataof the first class is hashed with each of a plurality of interrogationdatabase biometric data to form a plurality of interrogation databaseidentification hashes. At least a first individualized identificationhash is compared with each of the plurality of interrogation databaseidentification hashes, and any matches are reported. Since the secondclass of individualized biometric data, for example, DNA data, is notretrieved or compared unhashed, a higher level of privacy and securityof the individualized biometric data of the second class is maintained.An individual has a decreased risk of improper access or use of theirbiometric information. This additional level of privacy is provided evenwhile providing for identification of high risk individuals who may onlybe known by biometric data left at a scene of attempted violence orterrorism. For example, a DNA data may have been obtained from a DNAsample taken from a surface or an object analyzed by investigators.Alternatively, a fingerprint may have been obtained from an object underinvestigation by law enforcement or other agencies. There may be noother identifier available for such data, which may represent a highrisk individual who should be intercepted upon attempting to access toan entity, transport, information, location, transaction, services,authorized status, funds, and the like from a point of contact. Thesystem according to the present invention may identify such a high riskindividual without having that individual's name, or may identify anindividual who has sufficient relatedness to lead to positiveidentification of a high risk individual. Once such a match is reported,further investigation can be made to determine whether the individualmay continue in the process to obtain access to the entity, transport,information, location, transaction, services, authorized status, and/orfunds requested.

Additionally, the invention may also provide for a confirmation of atleast one of the individualized biometric data at the point of contact.This provides verification that the individual presenting anidentification card is indeed the individual from which the biometricdata has been obtained.

System of Identification.

A system of identification is described, therefore, for determining anidentity of a person, which includes a processor that retrieves andcompares individualized biometric data with interrogation databasebiometric data in at least one interrogation database, wherein theprocessor reports whether a match has been found. The system may includecomputer readable media which is in communication with the processor andinstructs the processor to perform the processes described herein. Thesystem may also include an identification card containing individualizedidentification information and a processor. In some embodiments theidentification system is configured to connect to at least oneinterrogation database. In other embodiments, the system is configuredto connect to more than one interrogation database. In yet otherembodiments, the system further includes at least one interrogationdatabase. The system may also include one or more output componentsand/or one or more input components. The system may additionally includea verification component. The verification component may include one ormore biometric data acquisition and data processing components. Inanother aspect, the invention provides an enrollment component. Theenrollment component may include one or more biometric data acquisitioncomponents and one or more data processing components. In someembodiments of the invention, the identification system includes theenrollment component. Exemplary systems of the invention are shown inFIGS. 1A-3B, and the individual components described in the followingsections below.

FIGS. 1A and 1B show embodiments 100A and 100B respectively, of theidentification system 110 of the invention. In the embodiment of FIG.1A, the identification card 120 is part of the identification system. Inthe embodiment of FIG. 1B, the identification system 110 does notinclude the identification card 120. The identification system 110includes an identification card 120 configured to be read by the inputcomponent 160, which relays individualized information comprisingindividualized biometric data to the processor 140. In a variation ofthese embodiments, the identification system obtains the individualizedinformation from another database or repository, and the input component160 relays the individualized information to the processor 140. Theprocessor 140 communicates via the communication component 130 tointerrogation databases 170 ₁ to 170 _(n), to retrieve a plurality ofinterrogation database biometric data. The processor 140 interrogatesthe plurality of interrogation database biometric data and compares itto one or more individualized identification hashes and/or a pluralityof partial individualized identification hashes. A report is made by theprocessor 140 regarding whether or not a match is found via the outputcomponent 150.

FIGS. 2A-1 and 2A-2 show other embodiments 200A-1 and 200-2,respectively, of the identification system 210 of the invention. In theembodiment of FIG. 2A-1, the identification card 220 is part of theidentification system 210. In the embodiment of FIG. 2A-2, theidentification system 210 does not include the identification card 220.The identification system 210 includes an identification card 220configured to be read by the input component 260, which relaysindividualized information comprising individualized biometric data tothe processor 240. In a variation of these embodiments, theidentification system obtains the individualized information fromanother database or repository, and the input component 260 relays theindividualized information to the processor 240. The processor 240communicates via the communication component 230 to interrogationdatabases 270 ₁ to 270 _(n), to retrieve a plurality of interrogationdatabase biometric data. The processor 240 interrogates the plurality ofinterrogation database biometric data and compares it to one or moreindividualized identification hashes. Additionally, the processorreceives individualized biometric data obtained at the point of contactby individualized biometric data confirmation components 280 ₁ to 280_(m) and compares the data so obtained to individualized biometric dataretrieved from the identification card 220, to verify that theindividual who presents the identification card is the individual whosebiometric data is stored on the identification card 220. A report ismade by the processor 240 via the output component 250 regarding 1)whether or not a match is found with a biometric data entry ininterrogation databases 270 ₁ to 270 _(n) and 2) whether or not a matchis found between biometric data obtained at the point of contact frombiometric data confirmation components 280 ₁ to 280 _(m) and theindividualized biometric data retrieved from the identification card220. The processor may further report to another system and/or authorityif a match is found in any of the entries of interrogation databases 270₁ to 270 _(n) and/or the biometric data obtained at the point of contactdoes not match the individualized biometric data retrieved from theidentification card 220. The processor may further initiate an action tostop any further processing of the request for access made by theindividual upon presentation of the identification card 220, if a matchis found in any of the interrogation databases 270 ₁ to 270 _(n) and/orthe biometric data obtained at the point of contact does not match theindividualized biometric data retrieved from the identification card220.

FIGS. 2B-1 and 2B-2 show yet other embodiments 200B-1 and 200B-2,respectively, of the identification system 210 of the invention. In theembodiment of FIG. 2B-1, the identification card 220 is part of theidentification system 210. In the embodiment of FIG. 2B-2, theidentification system 210 does not include the identification card 220.The identification system 210 includes an identification card 220configured to be read by the input component 260, which relaysindividualized information comprising individualized biometric data tothe processor 240. In a variation of these embodiments, theidentification system obtains the individualized information fromanother database or repository, and the input component 260 relays theindividualized information to the processor 240. The processor 240communicates via the communication component 230 to interrogationdatabases 270 ₁ to 270 _(n), to retrieve a plurality of interrogationdatabase biometric data. The processor 240 interrogates the plurality ofinterrogation database biometric data and compares it to theindividualized identification hash. Additionally, the processor receivesindividualized biometric data obtained at the point of contact byindividualized biometric data confirmation components 280 ₁ to 280 _(m)and compares the data so obtained to individualized biometric dataretrieved from the identification card 220, to verify that theindividual who presents the identification card is the individual whosebiometric data is stored on the identification card 220. Further, theprocessor retrieves an enrollment verification certification from theidentification card 220, which was assigned at the time of enrollmentand issuance of the identification card. The processor interrogates theenrollment database 275 to verify the authenticity of the identificationcard. This can be performed in several ways, one of which is to searchfor a matching enrollment verification certification, whereupon theprocessor further determines whether the other information present onthe identification card accompanying the enrollment verificationcertification matches the record of what was recorded to the card at thetime of enrollment. Alternatively, the processor can search for theindividual to whom the card was issued and determine whether theenrollment verification certification retrieved from the identificationcard 220 matches the enrollment verification certification assigned tothe card at the time of issuance to the individual. A report is made bythe processor 240 via the output component 250 regarding: 1) whether ornot the enrollment verification certification is confirmed for the cardpresented by the individual; 2) whether or not a match is found betweenbiometric data obtained at the point of contact from biometric dataconfirmation components 280 ₁ to 280 _(m); and 3) whether or not a matchis found to a biometric data entry in interrogation databases 270 ₁ to270 _(n). The report issued by the processor may further initiate anaction to stop any further processing of the request for access made bythe individual upon presentation of the identification card 220, if amatch is found in any of the interrogation databases 270 ₁ to 270 _(n);and/or the biometric data obtained at the point of contact does notmatch the individualized biometric data retrieved from theidentification card 220; and/or the enrollment verificationcertification is not confirmed for the identification card 220 presentedby the individual.

FIG. 3A and 3B shows various embodiments, 300A and 300B, respectively,of enrollment components of the invention. In the embodiment of FIG. 3A,the identification card 320 is part of the identification system 310. Inthe embodiment of FIG. 3B, the identification system 310 does notinclude the identification card 320. An individual desiring to beenrolled would permit biometric data to be obtained by biometric dataacquisition components 390 ₁ to 390 p. The individualized biometric dataso obtained would be further processed by the processor as describedbelow and stored to the identification card 320. The input component maybe used to add other individualized information that is stored on theidentification card 320. The fully loaded identification card 320 isissued to the individual for use in the identification and verificationcomponents of the identification system. In some embodiments, theidentification system includes the Enrollment component. In otherembodiments, the Enrollment component is a stand alone system.

The identification card containing individualized identificationinformation. In the system of identification described herein, anidentification card is issued to an individual after the individual hassubmitted at least a first and a second class of individualizedbiometric data. The card may also contain other identifying informationsuch as name, physical description, national origin and address, and thelike. The identification card is presented by the individual at a pointof contact with an agency granting access to an entity, transport,information, location, security organization, law enforcementorganization, transaction, services, authorized status, or funds.

The individualized identification information includes individualizedbiometric data of at least a first class and a second class, where theindividualized biometric data of the first class and the individualizedbiometric data of the second class has been stored on the card as afirst individualized identification hash formed from the individualizedbiometric data of the first and second class, which may be a one-wayhash. Individualized identification information as used herein,encompasses both untransformed and transformed individualized biometricdata, including, but not limited to digitized or hashed individualizedbiometric data. The identification card may include additionalindividualized identification hashes as is described in the followingparagraphs. The identification card further includes at least oneadditional instance of the individualized biometric data of the firstclass which is stored on the card as either a graphical individualizedbiometric data or a digitized individualized biometric data. In someembodiments, the identification card includes two instances of theindividualized biometric data of the first class which may be agraphical individualized biometric data and a digitized individualizedbiometric data. One non-limiting example includes an embodiment wherefingerprint scan data is stored on the identification card in agraphical form, i.e., a pictorial or photographic presentation of thefingerprint, or is stored as a digitized fingerprint data string, and insome embodiments, both types of representations are stored on theidentification card. Each instance of the individualized biometric dataof the at least a first class and/or the one or more individualizedidentification hashes, including partial individualized identificationhashes may be stored on the identification card as one or more barcodes,including but not limited to two-dimensional barcodes.

In some embodiments, the biometric data of the first class may beselected from the group consisting of a fingerprint scan data, apalmprint scan data, a retinal scan data, an iris scan data, and ahandvein scan data of the individual. In other embodiments, thebiometric data of the first class is selected from the group consistingof a fingerprint scan data, a retinal scan data, an iris scan data, afacial recognition scan data, and a body geometry scan data. In someembodiments, the biometric data of the first class is one or moremembers of the group of a fingerprint scan data, iris scan data, and aretinal scan data.

The biometric data of the second class may be any suitable biometricdata. In some embodiments, the biometric data of the second class may bea DNA data, wherein the DNA data is a STR profile, a SNP profile, anINDEL profile, an Alu element, or a non-STR DNA profile, or thebiometric data of the second class may be a fingerprint scan of theindividual. In other embodiments the biometric data of the second classis a DNA data, wherein the DNA data is a STR profile, a SNP profile, anINDEL profile, an Alu element, or a non-STR DNA profile of theindividual. In some embodiments, the DNA data is any polymorphic DNAsequence that can be used for human identification.

In some embodiments, the biometric data of the first and second class isnot of the same class. For example, in one embodiment, the biometricdata of the first class is a fingerprint scan data, and the biometricdata of the second class is a DNA data. In another embodiment, thebiometric data of the first class is a retinal scan data and thebiometric data of the second class is a DNA data. In yet otherembodiments, the biometric data of the first class is an iris scan data,and the biometric data of the second class is a DNA data. The biometricdata of the first class may also be a facial recognition scan data andthe biometric data of the second class is a DNA data. Additionally, thebiometric data of the first class may be a body geometry scan data andthe biometric data of the second class is a DNA data. In a furtherembodiment, the biometric data of the first class may be a retinal oriris scan data and the biometric data of the second class may be afingerprint scan data. In another embodiment, the biometric data of thefirst class is selected from the group of a fingerprint scan data, irisscan data, a retinal scan data, and the biometric data of the secondclass is a DNA data, wherein the DNA data is a STR profile, a SNPprofile, an INDEL profile, an Alu element, or a non-STR DNA profile ofthe individual. In further embodiments, the biometric data of the firstclass is selected from the group consisting of a fingerprint scan data,iris scan data, retinal scan data, facial recognition scan data, andbody geometry scan data and the biometric data of the second class is aDNA data, wherein the DNA data is a STR profile, a SNP profile, an INDELprofile, an Alu element, or a non-STR DNA profile. In other embodiments,any suitable biometric data may be used as the biometric data of thefirst class, including fingerprints and palmprints; body geometryfeatures, including but not limited to ear, hand, finger, and the like;facial features; face images; voice; voice prints; optical recognition,including but not limited to iris scans and retinal scans; signatures;blood typing; protein assays; infrared identification, including but notlimited to face, hand, and handvein, and gait recognition, and thebiometric data of the second class is a DNA data, wherein the DNA datais a STR profile, a SNP profile, an INDEL profile, an Alu element, or anon-STR DNA profile.

When the second class of individualized biometric data includes a DNAdata, wherein the DNA data is a STR profile, a SNP profile, an INDELprofile, an Alu element, or a non-STR DNA profile, the DNA data may behashed non-invertibly with an individualized biometric data that is nota DNA data, forming an individualized identification hash, prior tostorage on the card.

In some embodiments, when the individualized biometric data of thesecond class is a DNA data, for example, an STR profile, theidentification card may contain a first individualized identificationhash formed from the individualized biometric data of the first class,which may be, without limitation, a fingerprint scan data, and a DNA STRprofile. The identification card may also include one or more additionalpartial individualized identification hashes formed from the fingerprintscan and each STR loci of the STR profile, from the fingerprint scan andat least one subset of all the STR loci of the STR profile, and/or everypossible combination of the fingerprint scan data and subsets of the STRloci of the DNA profile of the individual. Optionally, theidentification card may include descriptors of these partialindividualized identification hashes for comparison against equivalentinterrogation database biometric data. In some embodiments, a pluralityof partial individualized biometric data sets may be stored on theidentification card (such as partial individualized identificationhashes).

In one non-limiting example, the digitized fingerprint scan may behashed with each of the US core STR loci (CSF1PO; FGA; THO1; TPDX; VWA;D3S1358; D5S818; D7S820; D8S1179; D13S317; D16S539; D18S51; D2S11; andAmelogenin), as well as the digitized complete set of US core STR loci,and these additional 14 individualized identification hashes may be usedfor comparison with the at least one interrogation database. In yetother embodiments, subsets of the complete set of STR loci may be usedto form additional individualized identification hashes for comparisonwith interrogation databases having degraded or incomplete DNA STRprofiles. In some embodiments, every possible combination of subsets ofthe loci of the STR profile is hashed with the digitized fingerprintscan to form a plurality of partial individualized identificationhashes. In one non-limiting example, an additional individualizedinformation hash is formed combining the biometric data of the firstclass with the set of the following loci: CS1PO, D7820, D13S317,D16S539, D18S51, D21S11, FGA, D2S1338, and amelogenin, which may beuseful for identification of a degraded DNA sample. In some embodiments,one or more partial individualized identification hashes is formed froma subset of two or more, three or more, four or more, five or more, sixor more, seven or more, or eight or more STR loci.

In another non-limiting example, the individualized biometric data ofthe first class is an iris scan, and the individualized biometric dataof the second class is a DNA data which is a STR profile. The sameprocess may be employed as described in the above paragraphs, using theiris scan data, which may be digitized, and the DNA STR profile, whichmay be digitized, above to provide a first individualized identificationhash, and optionally, a plurality of partial individualizedidentification hashes.

The individualized identification information may further include athird or more class of individualized biometric data or more. The thirdand additional classes of individualized biometric data may be presenton the identification card in a hashed form, and may be invertible. Thethird and additional classes of individualized biometric data may bepresent on the identification card in a non-invertible hashed form. Whenthe individualized identification card includes a third or more class ofindividualized biometric data, the biometric data may be of any type ofbiometric data. In some embodiments, the biometric data of a third classis a different class of biometric data from that of the first and secondclass of biometric data. In some embodiments, when the first class ofbiometric data is a fingerprint data, then the third class of biometricdata is a retinal scan data. Additionally when the first class ofbiometric data is a fingerprint scan data and the third class ofbiometric data is a retinal scan data, then the second class ofbiometric data may be a DNA data, wherein the DNA data is a STR profile,a SNP profile, an INDEL profile, an Alu element, or a non-STR DNAprofile. In other embodiments, when the first class of biometric data isa retinal scan data, then the third class of biometric data is afingerprint data. Additionally when the first class of biometric data isa fingerprint scan data and the third class of biometric data is aretinal scan data, then the second class of biometric data may be a DNAdata wherein the DNA data is a STR profile, a SNP profile, an INDELprofile, an Alu element, or a non-STR DNA profile. The invention alsoprovides embodiments where the first class of biometric data is an irisscan, the third class of biometric data is a fingerprint scan data, andthe second class of biometric data may be a DNA data, wherein the DNAdata is a STR profile, a SNP profile, an INDEL profile, an Alu element,or a non-STR DNA profile. In yet other embodiments, the first class ofbiometric data is a fingerprint scan data, the third class of biometricscan data is a facial recognition scan data or a body geometry scandata, and the second class of biometric data is a DNA data, wherein theDNA data is a STR profile, a SNP profile, an INDEL profile, an Aluelement, or a non-STR DNA profile.

In yet other embodiments, biometric data of the first class is an irisscan data, retina scan data, a facial recognition scan data, or a bodygeometry scan data, biometric data of the second class is a fingerprintscan data, and the third class of biometric data is a DNA data, whereinthe DNA data is a STR profile, a SNP profile, an INDEL profile, an Aluelement, or a non-STR DNA profile. When the DNA data is present only asbiometric data of the third class, it is present hashed together withbiometric data of either the first or the second class in anon-invertible form, and may be used to in the comparison with aninterrogation database in order to determine whether the individual'sDNA data is present in the database.

In some embodiments, the biometric data of a third class is of the sameclass of biometric data as the second class of biometric data, but is adifferent type of the same class of biometric data. For example, in oneembodiment, biometric data of a second class is a DNA STR profile, andbiometric data of a third class is an INDEL profile. In anotherembodiment, the biometric data of a second class is a DNA STR profileand the biometric data of a third class is a SNP profile. In anotherembodiment, the biometric data of a second class is a DNA STR profileand the biometric data of a third class is an Alu element. In someembodiments, when the biometric data of the second class and thebiometric data of the third class present on the individualizedidentification card are both types of DNA data, each of the biometricdata is hashed with the biometric data of the first class prior tostorage as individualized identification hashes on the identificationcard. In some embodiments, when the biometric data of the second classand the third class are both types of DNA data, the hash is one-way andis not invertible. When a third class of biometric data of the thirdclass is a DNA data stored as a combined one way hash on theidentification card, the third class of biometric data may be used incomparison with the at least one interrogation database.

In some embodiments of the method, more than three classes ofindividualized biometric data are present on the identification card.There may be more than three classes of individualized biometric datathat are all of different classes, including without limitation, iris,retina, fingerprint, DNA data which includes one or more of a STRprofile, a SNP profile, an INDEL profile, an Alu element, or a non-STRDNA profile, facial recognition scan data, or body geometry data. Insome embodiments, the more than three classes of individualizedbiometric data includes more than one type of DNA data selected from aSTR profile, a SNP profile, an INDEL profile, an Alu element, and anon-STR DNA profile. When any of the more than three classes ofindividualized biometric data includes a DNA data, wherein the DNA datais STR profile, a SNP profile, an INDEL profile, an Alu element, or anon-STR DNA profile, the DNA data is hashed non-invertibly with anindividualized biometric data that is not a DNA data, prior to storageon the identification card. When more than three classes of biometricdata are present on the identification card, each of the classes ofbiometric may be used in comparison with the at least one interrogationdatabase.

Each of the instances of the at least a first class of individualizedbiometric data, the at least a first individualized identification hashand/or one or more partial individualized identification hashes may bestored on the identification card as a barcode, alphanumerical or agraphical representation. The barcode may be a two dimensional barcode,including but not limited to a matrix barcode.

The identification card may include descriptors of the types ofbiometric data or subtypes of biometric data stored on the card; to beread by the processor in order to determine what interrogation databasesmay have suitable entries for interrogation. Additionally, there may beinstructions or descriptors to cue the processor to reorganize orreorder entries in the interrogation databases to maximize thepossibility of finding a match.

Other types of individualized identification information may be presenton the identification card, including but not limited to parametric datasuch as name; age; physical description, including but not limited tohair color, height, weight, eye color, skin color description, and otherindividualized descriptors such as tattoos and the like; social securitynumber; mother's maiden name; health information; health insuranceinformation; marital status; dependent children status; financial orcredit card information; address; nationality; citizenship status; visastatus; voter registry status; driver license number; and the like.

The at Least One Interrogation Database Containing a Plurality ofInterrogation Biometric Data.

The at least one interrogation database includes information associatedwith identification of individuals. For example, the at least oneinterrogation database can be governmental (Federal, state, regionaland/or local) data store(s) related to, for example, the Social SecurityAdministration, Drivers' license agencies (e.g., Bureau/Department ofMotor Vehicles), state identification card issuing agencies, theSelective Service system, the military, voter registration, birthcertificates issuing authorities, the Immigration and NaturalizationService, Homeland Security, the Justice Department, the Bureau ofAlcohol, Tobacco and Firearms, the Federal Bureau of Investigationand/or the Central Intelligence Agency. The at least one database may bemaintained by extraterritorial governmental and nongovernmentalorganizations (e.g., European Union, the United Kingdom, including butnot limited to antiterrorism databases maintained by organizations suchas MI5, Germany, and Interpol). The at least one interrogation databasecan also include private, non-governmental, databases that can include,for example, a periodically updated copy of governmental data and/or anew set of data about an individual. Other nongovernmental groupsmaintaining databases may include kinship databases or genealogy-relateddatabases. Additionally, the at least one interrogation database caninclude DNA data (e.g., collected by governmental and/or privateentities) and/or other biometric data. Information can be stored in theat least one interrogation database in a variety of format(s) including,but not limited to, hierarchical database(s) and/or relationaldatabase(s). Information can be stored in the at least one interrogationdatabase in a variety of data structure(s) including, but not limitedto, lists, arrays, databases and/or data cubes. For example, informationstored in the at least one interrogation database can be text (e.g.,alphanumeric), graphical, audio, video and/or digitally stored DNA data.In some databases, the information does not have individualizedidentification associated with the record, i.e. for the biometric datathere is no personal name available as an identifier. In someembodiments, the interrogation biometric data is associated with aninterrogation database identifier. In some embodiments, the at least oneinterrogation database includes DNA profile data that is not complete oris degraded. This incomplete or degraded DNA profile data may be apartial or degraded STR profile data, SNP profile, INDEL profile, Aluelement data, non-STR profile, or a combination of one of more of theseprofile types. For example, the at least one interrogation database mayinclude a DNA STR profile for which the data for some of the core lociis not available due to degradation of the initially obtained sample.

In some embodiments, the interrogation biometric data may be afingerprint scan data, iris scan data, retinal scan data, facialrecognition scan data, body geometry scan data, or gait analysis data.

There may be only one type of biometric data in each database or theremay be more than one type of biometric data. The biometric data in eachdatabase may also have a personal name associated with the data. Thebiometric data in each database may only be identified by aninterrogation database identifier, and may have no personal nameassociated with the data.

In some embodiments of the invention, the interrogation biometric dataof the second class is a DNA data. The DNA data may be a STR profile, aSNP profile, an INDEL profile, an Alu element data, a non-STR profile,or a combination of one of more of these profile types. In anotherembodiment, the interrogation biometric data of the second class is afingerprint scan data. In yet another embodiment, the interrogationbiometric data of the second class is partial or degraded DNA data,including a partial or degraded STR profile, SNP profile, INDEL profile,Alu element data, non-STR profile, or a combination of one of more ofthese profile types.

The processor. As used herein, “the processor” may be a single processoror may be more than one processor as may be required to perform themethods of the inventions.

A. The Processor is Configured to Read and Retrieve the IdentificationInformation Contained on the Identification Card Presented by theIndividual.

The processor is configured to read and retrieve individualizedidentification information, including individualized biometric data, ofany class, combination, or format as described for the identificationcard and identification system. The individualized identificationinformation comprising individualized biometric data of at least a firstclass and at least a first individualized identification hash isretrieved by the processor from the identification card. In someembodiments, the individualized biometric data is read by an inputcomponent which includes but is not limited to a card reader, a magneticcard reader, keyboard, a touch screen device, computer, a pointingdevice, such as a mouse, a microphone, an IR remote control, a joystick,a game pad, a personal digital assistant (PDA), a smart card reader, orthe like. The processor is configured to determine what classes ofbiometric data have been stored on the identification card and how thebiometric data is presented on the card, including any preprocessing.

B. the Processor is Configured to Communicate with the at Least OneInterrogation Database.

Upon reading the individualized identification information from theidentification card, the processor is configured to determine whatclasses of biometric data are present in the at least the firstindividualized identification hash. The processor is configured todetermine which interrogation database contains at least some recordscontaining biometric data of the same class as the individualizedbiometric data of the second class present in the individualizedidentification hash. The processor is further configured to instruct thecommunications component to connect to the at least one interrogationdatabase.

Further, when the identification card does not have the individualizedbiometric data present in the local device presented at the point ofcontact, the processor may be configured to retrieve the individualizedbiometric data from a remote database upon entry of a password or otherelectronic entry permission granting procedure. In some embodiments, theremote database may be the enrollment database.

The processor connects to the at least one interrogation and/or remotedatabase via a communications component. The communications componentmay be one or more communications components. Communication by thecommunications component may be achieved via many types of connections,including but not limited to network connection, an extranet, anintranet, the Internet, wireless communication, direct serialcommunication, and/or direct parallel communication. Informationexchanged between the processor and the at least one database canutilized a variety of formats, and in a variety of secure and/orencrypted manners, a non-limiting example being a high-speed secureInternet connection.

C. The Processor is Configured to Interrogate the InterrogationDatabase.

The processor is configured to retrieve biometric data of the secondclass from the at least one interrogation database. The processor isconfigured to reorder data, particularly DNA or RNA data so that thedata in an interrogation database is ordered in the same manner as thedata on the identification card. A non-limiting example includesreordering a list of STR profile data so that the loci of the STR dataare listed in the same order as that of STR profile data listed on theidentification card. The data may be reorganized to present aninterrogation database biometric data similarly to that of the biometricdata used in the individualized information hash to provideinterrogation database identification hashes having an equivalentprecursor structure, and allow the greatest probability of finding amatch. A non-limiting example of reorganizing data of an interrogationdatabase is re-processing graphic representations of fingerprint scansvia the same algorithm as used to enroll a fingerprint scan for theindividual.

The processor is configured to hash each of the plurality ofinterrogation biometric data of the second class together with theindividualized biometric data of the first class to form a plurality ofinterrogation database identification hashes.

The processor may be configured to use the individualized biometric dataof the first class as stored in the identification card. In someembodiments, the digitized individualized biometric data of the firstclass is retrieved by the processor from the identification card andhashed together with each of the plurality of the interrogationbiometric data of the second class to form a plurality of interrogationdatabase identification hashes for use in the comparison to theindividualized identification hash. In another embodiment, the processormay retrieve the individualized biometric data of the first class as ahashed form and the processor may be configured to invert theindividualized biometric data of the first class prior to being hashedtogether with each of the plurality of interrogation biometric data ofthe second class to form a plurality of interrogation databaseidentification hashes for use in the comparison to the individualizedidentification hash. In yet other embodiments, the individualizedbiometric data of the first class may be retrieved as a hashed form andthe hashed form is hashed together with each of the plurality ofinterrogation biometric data of the second class to form a plurality ofinterrogation database identification hashes for use in the comparisonto the individualized identification hash. In other embodiments, theindividualized biometric data of the first class is retrieved as agraphical individualized biometric data and converted to a digitizedindividualized biometric data as part of the process of forming theplurality of interrogation database identification hashes in combinationwith each of the plurality of the interrogation biometric data of thesecond class.

The processor is configured to compare each interrogation databaseidentification hash to the at least a first individualizedidentification hash stored on the identification card of the individual.By comparing only identification hashes combining an individualizedbiometric data of the first class retrieved from the identification cardwith an interrogation biometric data of the second class to theindividualized identification hash presented by the individual, theindividualized biometric data of the second class, i.e., a DNA data ofthe individual may be protected from unauthorized access or use. Invarious embodiments, the individualized biometric data of the secondclass that is used to form the first individualized identification hashis a DNA data that is a STR profile data, a SNP profile, or an INDELprofile.

In some embodiments, the processor interrogates databases havingadditional classes of biometric data. While the at least a firstindividualized identification hash may be used to identify matchesformed with the interrogation database identification hashes whichcontain biometric data of the second class, the individualized biometricdata of the first class, or the individualized biometric data of thethird or more class may be used to interrogate other databases withoutbeing hashed together with individualized biometric data of the secondclass. A non-limiting example includes an identification card containingfingerprint scan data as biometric data of the first class and DNA dataas biometric data of the second class, where the individualizedidentification hash is formed using both fingerprint scan data and DNAdata. While databases containing DNA data can be interrogated by forminginterrogation database identification hashes from the individualizedbiometric data of the first class and each of the entries in theinterrogation database containing DNA data to find a match, theinstances of the first class of individualized biometric data, i.e.,fingerprint scan data, or that of the third or more class ofindividualized biometric data, i.e. iris scan data, retina scan data,facial feature scan data, or body geometry scan data may also be used tointerrogate databases containing respective types of biometric data,without forming additional hashes. In this embodiment, a databasecontaining a fingerprint having limited or no identification informationsuch as name or other parametric data may be reported as forming a matchwith biometric data enrolled on the identification card, thus providingan identification permitting further action as required by the specificrequest for access.

The processor may also be configured to compare each interrogationdatabase identification hash to at least one additional individualizedidentification hash formed from a third or more class of biometric data,when such one-way combined hash is formed from a DNA data. When a thirdclass or more class of biometric data of the third class is a DNA datastored as a combined one-way individualized hash with non-DNA biometricdata on the identification card, then the processor may be configured tointerrogate at least one interrogation having DNA data by retrieving theinstance of individualized non-DNA biometric data that had been used togenerate the combined one-way hash, and forming a plurality ofinterrogation database identification hashes with each of the pluralityof interrogation biometric data of the interrogation database. Theprocessor may be configured to compare each interrogation databaseidentification hash to the individualized identification hash or hashesstored on the identification card of the individual, and determinewhether a match is identified.

In some embodiments, the processor is configured to recognize that theidentification card includes one or more partial individualizedidentification hashes, formed from the individualized biometric data ofthe first class and partial individualized biometric data of the secondclass. In one example, the partial individualized biometric data of thesecond class is a partial DNA profile. The processor may be configuredto communicate to at least one interrogation database including DNAbiometric data that may be an incomplete or partial DNA profile. Theprocessor may be configured to form interrogation databaseidentification hashes from the individualized biometric data of thefirst class and each interrogation database DNA data to form aninterrogation database identification hash. In some embodiments, theprocessor is configured to determine what subtype of partial DNA profiledata is present, determine whether an individualized identification hashon the identification card was formed from a matching subtype, and ifone is present, then is configured to form interrogation databaseidentification hashes with the biometric of the first class extractedfrom the identification card. The processor may also be configured toretrieve a plurality of partial individualized identification hashes,compare each of the plurality of partial individualized identificationhashes to each interrogation database hash formed as described above,and report if any matches are identified. The processor may not beconfigured to identify any characteristic of the partial individualizedidentification hashes in order to make the comparison with each of theinterrogation database identification hashes. In yet other embodiments,the processor is configured to retrieve a plurality of partialindividualized identification hashes, form a plurality of interrogationdatabase identification hashes from each entry of the interrogationdatabase, compare the plurality of partial individualized identificationhashes to the plurality of interrogation database identification hashes,report matches for each entry of the interrogation database, and repeatfor all entries of the interrogation database. The processor may beconfigured to report the percentage of alleles matched data, and numberof loci compared. The processor may be further configured to calculatewhether any identified match has a predetermined probability ofrepresenting a match for the individual or is too fragmentary to besignificant. The processor may be further configured to attempt matchingother biometric data or parametric data present on the identificationcard with equivalent data in the interrogation database entry todetermine significance of the match. In some embodiments, the processormay be configured to compare a plurality of partial individualizedidentification hashes to a plurality of interrogation databaseidentification hashes, or compare a plurality of partial individualizedidentification hashes to partial interrogation database identificationhashes with or without comparing a first individualized identificationhash to a plurality of interrogation database identification hashes.

Additionally, only the processor views any unencrypted DNA data, eitherat the point of enrollment, the point of contact or in the process ofinterrogating the interrogation database and the point of comparing.

The processor is configured to report if a match is found between aninterrogation database identification hash and the individualizedidentification hash. If a match is found, the report may include arequirement for further investigation of the individual. The processormay also report that no match is found, thereby permitting theindividual to gain access to the entity, transport, information,location, security organization, law enforcement organization,transaction, services, authorized status, or funds requested.

The system includes an output component that is configured tocommunicate the report in any suitable manner. Output devices includebut are not limited to a touch screen device, a computer monitor, atelevision screen, a printer, a personal digital assistant, a wirelessor wired telephone display or message, a speaker(s), a computerizedmessaging unit, and the like.

D. the Processor is Configured to Confirm the Identity of the IndividualPresenting the Identification Card.

The processor may be configured to read at least a first class ofindividualized biometric data at a point of contact; and confirm the atleast first class of individualized biometric data at the point ofcontact to verify the identity of the individual presenting theidentification card, thus providing a verification component to thesystems and methods of the invention. In some embodiments, a third ormore class of individualized biometric data is obtained byindividualized biometric data confirmation components at the point ofcontact to compare with the biometric data stored on the identificationcard. In some embodiments, third or more class of individualizedbiometric obtained at the point of contact includes, but is not limitedto fingerprint scan data, retinal scan data, iris scan data, and thelike.

The individual may be required to submit to a scan of one or morebiometric data types at the point of contact. The processor isconfigured to communicate with the biometric data acquisition and dataprocessing components to obtain and process the locally acquiredbiometric data. The locally acquired biometric data may be used in itsundigitized form or may be converted into a digital format.

The processor is configured to compare the locally acquired biometricdata to the individualized biometric data stored on the identificationcard. The individualized biometric data from the identification card maybe inverted from a hashed form or the locally acquired biometric datamay be subjected to the same digitization or hashing processes used toconvert the individualized biometric data for storage on theidentification card at the time of enrollment. This component of theidentification system determines that the individual presenting theidentification card is the individual whose biometric data are recordedon the identification card. If a match is not found, a report may bemade. If a match is not found, the processor may be configured to denythe individual access to the entity, transport, information, location,security organization, law enforcement organization, transaction,services, authorized status, or funds to which the individual has made arequest or require further investigation.

E. The Processor is Configured to Confirm the Authenticity of theIdentification Card.

The processor may be configured to retrieve an enrollment verificationcertification from the identification card, and interrogate theenrollment database. The processor may be configured to search for amatching enrollment verification certification, whereupon the processorfurther determines whether the other information present on theidentification card accompanying the enrollment verificationcertification matches the record of what was recorded to the card at thetime of enrollment. Alternatively, the processor may be configured tosearch for the individual to whom the card was issued and determinewhether the enrollment verification certification retrieved from theidentification card matches the enrollment verification certificationassigned to the card at the time of issuance to the individual. If amatch is found, the processor is configured to permit the process ofidentifying the individual to proceed. If no match is found, theprocessor is configured to report that no match has been found and theaccess request process is halted for further investigation. The reportmay include notifying another system and/or authority.

F. the Processor May be Configured to Enroll the Individual and Producethe Identification Card of the System.

The processor may be configured to acquire at least a first class and asecond class of individualized biometric data. The processor isconfigured to convert biometric data of the first class to a digitalelectronic format, and to store one instance of the biometric data ofthe first class on the identification card, in the digitized electronicformat. In some embodiments, the processor is configured to hash thebiometric data of the first class in an invertible form prior to storageon the card. In other embodiments, the processor is configured to hashthe biometric data of the first class in a non-invertible form prior tostorage on the card. In some embodiments, the processor is configured toperform other post processing of the electronically digitized biometricdata of the first class. In other embodiments no post processing of theelectronically digitized biometric data of the first class is performed.In yet other embodiments, the processor is configured to store thebiometric data of the first class with no further processing after theinitial acquisition, i.e. as a raw image of a biometric data, includingbut not limited to a fingerprint scan data, a retinal scan data and aniris scan data, thus provide individualized biometric data as agraphical individualized biometric data.

When the second class of biometric data is nucleic acid, i.e. either DNAor RNA, a sample of the individual's DNA is collected and analyzed. Theprocessor is configured to convert the DNA or RNA data to a digitalelectronic format. The processor is configured to hash the digitizedelectronic DNA results with a second instance of the electronicallydigitized first class of biometric data of the individual to form afirst individualized identification hash. In some embodiments thehashing process is invertible. In other embodiments, the hashing processis noninvertible. The processor is may be configured to store the firstindividualized identification hash on the identification card.

In some embodiments, the processor is configured to hash subsets of thedigitized electronic DNA results with the second instance of theelectronically digitized first class of biometric data of theindividual. For example, when the DNA data is a STR profile, theprocessor may be configured to hash each STR loci of the STR profile, atleast one subset of all the STR loci of the STR panel, and/or everypossible combination subsets of the STR loci with the digitized firstclass of biometric data to form a plurality of partial individualizedidentification hashes. The processor may be configured to store theplurality of partial individualized identification hashes on theidentification card.

The processor may be configured to acquire a third or more classes ofbiometric data, and convert the data to a digital electronic format. Thethird or more classes of biometric data may be hashed before storage onthe identification card. In some embodiments the hash of the third ormore classes of biometric data is invertible. In other embodiments thehash of the third or more classes of biometric data is non-invertible.In some embodiments other post processing of the electronicallydigitized biometric data of the third or more class is performed. Inother embodiments no post processing of the electronically digitizedbiometric data of the third or more class is performed.

When a biometric data including a nucleic acids profile, either DNA orRNA, is used, for example, as a biometric data of the third or moreclass, the processor may be configured to hash the DNA or RNA biometricdata of the third or more class with the electronically digitizedbiometric data of the first class, prior to storage on theidentification card. In some embodiments, the hashing of the DNA or RNAcontaining third class of biometric data and the first class ofbiometric data is non-invertible. In other embodiments, the hashing ofthe DNA or RNA biometric data of the third class and the first class ofbiometric data is invertible.

The processor may be further configured to store each of the instancesof the at least a first class of individualized biometric data, the atleast a first individualized identification hash and/or one or morepartial individualized identification hashes as a barcode,alphanumerical or a graphical representation. The barcode may be a twodimensional barcode, including but not limited to a matrix barcode. Insome embodiments, the processor is configured to store each of theseinstances of individualized biometric data on an identification card.

The processor may be configured to assign each newly issued card with anenrollment verification certification. The certification may be used toauthenticate the identification card as a card issued by the enrollmentauthority. The biometric data, in its hashed form, may be stored in anenrollment database. This may provide another mode of verification atthe point of contact when the identification card is presented torequest access to an entity, transport, information, location, securityorganization, law enforcement organization, transaction, services,authorized status, or funds.

Enrollment Component.

The enrollment component may include one or more biometric dataacquisition and data processing components. Biometric data acquisitioncomponents include instruments configured to scan biometrics including,but not limited to, fingerprints and palmprints; body geometry features,including but not limited to ear, hand, finger, and the like; facialfeatures; face images; voice; voice prints; optical recognition,including but not limited to iris scans and retinal scans; infraredidentification, including but not limited to face, hand, and handvein;and the like, and may be present at the point of contact. Biometric dataacquisition components may further include instruments configured toobtain a sample of nucleic acid, i.e. either DNA or RNA. Biometric dataacquisition components may also include instruments configured toanalyze the DNA or RNA, and provide a DNA profile or a RNA profile.Biometric acquisition components may also include instrumentationconfigured to analyze a biological sample of the individual, includingbut not limited to blood, serum, urine, tissue, saliva, tears, or anyother bodily fluid or solid tissue type. The instrumentation may includeprotein analyzers, gene expression analyzers, blood type analyzers, andthe like. An input component may be included to submit the biometricdata obtained by the one or more biometric acquisition components intothe enrollment component of the system. Data processing components maybe incorporated in the enrollment component to digitize and furtherprocess the raw biometric data. In some embodiments the processingincludes hashing the biometric data.

Verification Component.

The verification component may include one or more individualizedbiometric data confirmation components which may each include biometricdata acquisition and data processing components. Biometric dataacquisition components include instruments configured to scan biometricsincluding, but not limited to, fingerprints and palmprints; bodygeometry features, including but not limited to ear, hand, finger, andthe like; facial features; face images; voice; voice prints; opticalrecognition, including but not limited to iris scans and retinal scans;infrared identification, including but not limited to face, hand, andhandvein; and the like, and may be present at the point of contact. Aninput component may be included to submit the biometric data obtained bythe one or more biometric acquisition components into the verificationcomponent of the system. Data processing components may be incorporatedin the individualized biometric data confirmation component to digitizeand further process the raw biometric data. In some embodiments theprocessing includes hashing the biometric data. In some embodiments theprocessing includes hashing two classes of biometric data together.Other data processing components included in the verification componentinclude data processing components configured to compare theindividualized biometric data obtained at the point of contact from theindividual with the individualized biometric data stored on theidentification card of the individual. Additional data processingcomponents include processors configured to compare an enrollmentverification certification stored on the identification card with anenrollment verification certification stored on an enrollment database.The verification component also may include a processor configured toissue a report whether or not the individualized biometric data obtainedat the point of contact matches the individualized biometric data storedon the identification card of the individual. The verification componentalso may include a processor configured to issue a report whether or notthe enrollment verification certification retrieved from theidentification card at the point of contact matches the enrollmentverification certification enrolled for the individual stored on theenrollment database.

Computer Readable Medium.

The computer readable medium is a computer program that instructs acomputer, which term is interchangeable with “processor”, which is in orconnected to the identification card reader. The computer readablemedium is configured to instruct the processor read and retrieveindividualized identification information of any class, combination, orformat as described for the identification card and identificationsystem. The computer program may instruct the processor to invert one ormore invertible instances of individualized biometric data of any class.The computer program may instruct the processor to determine whatclasses of biometric data are stored on an identification card. Thecomputer program may instruct the processor to retrieve at least a firstclass of individualized biometric data and a first individualizedidentification hash from the identification card. In embodiments wherethe identification card does not carry the individualized biometric datalocally, the computer program may instruct the processor to retrieve theindividualized biometric data from another database, which may be anenrollment database. The computer program may instruct the processor toconnect, using the communications component(s), to the at least oneinterrogation database and to retrieve appropriate class(es) ofbiometric data. The computer program may instruct the processor toretrieve the plurality of interrogation biometric data of the secondclass and, if necessary, reorder and/or reorganize each of the pluralityof interrogation biometric data of the second class to be presented inthe same order of presentation and manner as that of the individualizedbiometric data of the second class. The computer program may instructthe processor to hash the first class of individualized biometric datain combination with each of the plurality of the interrogation biometricdata to form a plurality of interrogation identification hashes. When athird class or more class of individualized biometric data of the thirdclass is a DNA data stored as an additional combined one-wayindividualized identification hash with non-DNA biometric data on theidentification card, then the computer may instruct the processor tointerrogate at least one interrogation database having DNA data byretrieving the instance of individualized non-DNA biometric data thathad been used to generate the combined one-way hash, and to form aplurality of interrogation database identification hashes using each ofthe plurality of interrogation biometric data of the interrogationdatabase. The computer program may further instruct the processor tocompare each of the interrogation database identification hashes withthe first individualized identification hash and/or additionalindividualized identification hashes. The computer program may instructthe processor to compare other individualized biometric data of thefirst or of the third or more classes with interrogation database dataof the same type. The computer program may instruct the processor toreport a match, if found. The report can be a local report or a reportto an external authority.

Interrogation of Partial DNA Data.

The computer readable medium may instruct the processor to perform acomparison with partial data, and optionally, to provide a weightingfunction to determine significance of a match found using partial data,such as partial DNA profiles. The computer program may instruct theprocessor to identify whether at least one interrogation databasecontains interrogation biometric data which may be incomplete, degraded,or has portions of the biometric data obscured by contaminants. Thecomputer program may instruct the processor to determine what portionsof interrogation biometric data are available for comparison withindividualized biometric data. The computer program may then instructthe processor to retrieve respective partial individualized biometricdata sets that may be stored on the identification card. In onenon-limiting example, the identification card contains a firstindividualized identification hash formed from a fingerprint scan dataand a DNA STR profile. The identification card may also include one ormore additional partial individualized identification hashes formed fromthe fingerprint scan and each STR loci of the STR panel, from thefingerprint scan and at least one subset of all the STR loci of the STRpanel, and/or every possible combination of the fingerprint scan dataand subsets of the STR loci. The computer program may instruct theprocessor to retrieve descriptors of these partial individualizedidentification hashes from the identification card for comparisonagainst equivalent interrogation database biometric data. The computerprogram may instruct the processor to compare each of the plurality ofpartial individualized identification hashes formed from the fingerprintscan data and the subsets of DNA STR loci of the individual to a partialinterrogation database identification hash formed from the fingerprintscan data of the individual and a potentially incomplete or partial DNASTR data entry of the at least one interrogation database. The computerprogram may also instruct the processor to perform a comparison betweenthe individualized identification hash and the interrogation databaseidentification hash formed from the DNA data of the database entry topermit interrogation whether the DNA data of the interrogation databaseentry is complete or incomplete.

The computer program may instruct the processor to report each matchfound between any of the plurality of individualized identificationhashes (complete or partial) and the interrogation databaseidentification hash. The computer program may instruct the processor toidentify whether all the STR loci of the STR profile of the individual,or identify which of the subset or subsets of the STR loci of theindividual provided a match, as the identity of the STR loci may beidentifiable without revealing the individual's alleles, thus stillproviding privacy. In some embodiments, the computer program mayinstruct that a match may be reported by the processor when the partialindividualized identification hash used in the comparison is formed froma subset of two or more STR loci. In other embodiments, a match may bereported when the partial individualized identification hash used in thecomparison is formed from a subset of three or more, four or more, fiveor more, six or more, seven or more, or eight or more STR loci. In otherembodiments, a match may be reported when more than one partialindividualized identification hash matches the partial interrogationdatabase identification hash. One of skill may determine which subsetsor combination of subsets of STR loci provides a significant match ofidentity to an interrogation database entry, and/or the computer programmay instruct the processor to perform the determination and resultinglyreport a significant match.

In another embodiment, the computer readable medium may instruct theprocessor to form a plurality of partial interrogation identificationhashes using the digitized fingerprint scan data of the individual asstored on the identification card and each loci of the DNA data of theinterrogation database entry, where the DNA data may not have all of theloci of a complete DNA profile. The computer program may instruct theprocessor to retrieve a plurality of partial individualizedidentification hashes stored on the identification card, where thepartial individualized identification hashes had been formed from thedigitized fingerprint scan data and each of the loci of the DNA profiledata of the individual. The computer program may then instruct theprocessor to compare each of the plurality of partial individualizedidentification hashes with each of the plurality of partialinterrogation database identification hashes. The computer program mayinstruct the processor to identify matches and may instruct theprocessor to include notation of which specific loci matched.

In another embodiment, the computer readable medium may instruct theprocessor to form one or more specific partial interrogationidentification hashes using the digitized fingerprint scan data of theindividual as retrieved from the identification card and selected lociof the DNA data of the interrogation database entry. For example, thecomputer program may instruct the processor to determine if a particularsubset of loci of DNA data is available in specific interrogationdatabase entry. One non-limiting example is the use of the subset ofloci as follows: CS1PO, D7820, D13S317, D16S539, D18S51, D21S11, FGA,D2S1338, and amelogenin. The computer program may instruct the processorto compare specifically selected partial interrogation databaseidentification hashes to a partial individualized identification hashwhich had been formed from a respective selected subset of DNA loci andthe digitized fingerprint scan data. The computer program may instructthe processor to report a match, if identified.

In any embodiment when the database entry may not have a complete DNAprofile, the computer program may instruct the processor to returnpercentage of alleles matched data, and number of loci compared. One ofskill may customize the requirements for threshold matching criteria inorder to instruct the processor whether the results constituteidentification of a significant match.

Alternatively, the computer readable medium may instruct the processorto assign probabilities that the comparisons between the partialindividualized identification hashes and the partial interrogationhashes represent a significant likelihood of a match. The computerprogram may instruct the processor to report a match when theseconditions are met.

In other embodiments, the computer readable medium may instruct theprocessor to issue a result indicating that a less stringently definedassociation has been found between the interrogation database entry andthe individual presenting the identification card. The computer programmay further instruct the processor to issue results indicating apotential familial connection, i.e., son, brother, or father, but not anidentification permitting confirmation that the individual presentingthe card is the same individual whose DNA data is that of theinterrogation database entry.

The computer readable medium may instruct a computer that is in orconnected to biometric acquisition and processing components used in theenrollment module and/or verification module. The computer readablemedium may provide instructions to control the instrumentation to obtainthe raw biometric data/images and to process according to the methodsdescribed above to form appropriate digitized electronically formattedbiometric data of the at least a first class for storage on theidentification card. The computer readable medium may also provideinstructions to store the raw biometric data/images as graphicalbiometric data on the identification card. The computer readable mediummay provide instructions to control the biometric acquisition andprocessing components to obtain and process the first and second classesof individualized biometric data to form the first individualizedinformation hash, and store it to the identification card. The computerprogram may instruct the processor to retrieve respective partialindividualized biometric data sets that may be stored on theidentification card. The computer readable medium may instruct theprocessor to retrieve one or more additional partial individualizedidentification hashes that may be stored on the identification card. Insome embodiments, the computer readable medium may instruct theprocessor to retrieve a plurality of partial individualizedidentification hashes that may be stored on the identification card. Thecomputer program may instruct the processor to retrieve descriptors ofpartial individualized identification hashes from the identificationcard for use in the comparison against equivalent interrogation databasebiometric data. The computer readable medium may provide instructions tocontrol the biometric acquisition and processing components to obtainand process a third and more classes of individualized biometric dataand store it to the identification card. When any of the third and moreclasses of individualized biometric data includes DNA or DNA, theprogram may instruct the processor to form an individualizedidentification hash for each instance of individualized DNA biometricdata. The program may further instruct the computer to store any or allof the individualized biometric data and/or individualizedidentification hashes and/or partial individualized identificationhashes to the identification card or a central database, where thecentral database may include the enrollment database. The program mayinstruct the instrumentation to also obtain additional classes ofbiometric data and likewise process for storage on the identificationcard. In some embodiments, the instructions control the instrumentationto use undigitized data for comparison.

The computer readable medium may provide instructions to store each ofthe instances of the at least a first class of individualized biometricdata, the at least a first individualized identification hash and/or oneor more partial individualized identification hashes as a barcode,alphanumerical or a graphical representation. The barcode may be a twodimensional barcode, including but not limited to a matrix barcode. Insome embodiments, the computer readable medium may provide instructionsto store each of these instances of individualized biometric data on anidentification card.

In the verification components of the system, the computer readablemedium may instruct the processor to retrieve one or more classes ofindividualized biometric data from the identification card presented byan individual at a point of contact. The computer program instructs theprocessor to determine what class(es) of individualized biometric dataare retrieved. The computer program instructs the processor to connectto individualized biometric data confirmation components, to acquirebiometric data from the individual at the point of contact. The computerreadable medium may instruct a computer that is in or connected tobiometric acquisition and processing components used in the verificationmodule. The program may provide instructions to control theinstrumentation to obtain the raw biometric data/images and to processaccording to the methods described above to form data useful forcomparison with the biometric data of the first class to verify theidentity of the individual. The program may instruct the instrumentationto also obtain additional classes of biometric data.

The computer readable medium may instruct the processor to extract eachfeature and process each feature to present the processed locallyacquired biometric data in the same format as the individualizedbiometric data of class retrieved from the identification card. In someembodiments, the instructions control the instrumentation to useundigitized data for comparison. The computer program may instruct theprocessor to compare each locally acquired biometric data to theindividualized biometric data of the same type, as retrieved from theidentification card.

The computer readable medium may instruct the processor to report if theone or more locally acquired biometric data is found to match the one ormore individualized biometric data stored on the identification card,and verify the identity of the individual as the individual whosebiometric data is stored on the identification card. The computerprogram then may instruct the processor to initiate a method ofidentification of the invention, as shown any of the non-limitingexamples described herein.

If a match is not found in the one or more classes of biometric data,the computer program may instruct the processor to stop processing therequest, and to issue a report that one or more biometric data does notmatch. Further investigation may be required before any further step ofthe identification system is taken. The report may include notifyinganother system and/or authority. The computer program may additionallyinstruct the processor to initiate an alarm to prevent the individualfrom leaving the point of contact without further investigation by anauthority.

The computer readable medium may provide instructions to a processorwhich is in or connected to the identification card reader and anenrollment database. The identification card may contain an enrollmentverification certification (EVC), wherein the computer readable mediummay instruct the processor to retrieve the enrollment verificationcertification and to interrogate an enrollment database to verify theauthenticity of issuance of the identification card. This can beperformed in several ways, one of which is to instruct the processor tosearch for a matching enrollment verification certification, whereuponthe processor is further instructed to determine whether otherinformation present on the identification card accompanying theenrollment verification certification matches the record of what wasrecorded to the card at the time of enrollment. Alternatively, thecomputer readable medium may instruct the processor to search for theindividual to whom the card was issued and to determine whether theenrollment verification certification retrieved from the identificationcard matches the enrollment verification certification assigned to thecard at the time of issuance to the individual. If a match is found, thecomputer readable medium may instruct the processor to continue themethod of identifying the individual. If no match is found, the computerreadable medium may instruct the processor to report that no match hasbeen found and the access request process is halted for furtherinvestigation. The report may include notifying another system and/orauthority. The computer readable medium may instruct the processor toinitiate an alarm to prevent the individual from leaving the point ofcontact without further investigation by an authority.

The computer readable medium may additionally provide instructions to aprocessor which is in or connected to an identification card read/writecomponent and an enrollment database. The computer readable medium mayinstruct the processor to assign and deposit a unique enrollmentverification certification (EVC) into the enrollment database and storesa copy of the unique enrollment verification certification (EVC) in theidentification card, at the time of enrollment.

Any suitable computer-readable medium may be utilized, and may be anytangible storage medium or media having instructions stored thereon ortherein which can be used to control, or cause, a computer to performany of the procedures of the embodiments of the invention. The storagemedium may include without limitation a floppy disk, a mini disk, anoptical disc, a Blu-ray Disc, a DVD, a CD or CD-ROM, a micro-drive, amagneto-optical disk, a read-only memory (ROM), a random access memory(RAM), an erasable programmable read-only memory (EPROM), an EEPROM, aDRAM, a VRAM, a flash memory, a flash card, a thumb drive (USB), amagnetic card, an optical card, nanosystems, a molecular memoryintegrated circuit, a RAID, remote data storage/archive/warehousing,and/or any other type of device suitable for storing instructions and/ordata. The method for supplying the program(s) includes accessing a homepage on the internet using browsing software of a client computer, whenthe home page allows each user to download the computer programs of thepresent invention, or compressed files having automatic installingfunctions, to a hard disk or other recording medium of the user. Wheninformation is transferred or provided over a network or anothercommunications connection (either hardwired, wireless, or combinationthereof) to a computer, the computer properly views the connection as acomputer-readable medium. Combinations of the above should also beincluded within the scope of the computer-readable medium.

One or more computer-executable program code portions for carrying outoperations of the present invention may include object-oriented,scripted, and/or unscripted programming languages, such as, for example,Java, Perl, Smalltalk, C, C++, SAS, SQL, Python, Objective C, and/or thelike. The computer program code may alternatively or additionally bewritten in one or more multi-paradigm programming languages, such as,for example, F#.

A person of ordinary skill in the art, given the benefit of theforegoing description describing the steps to be performed, couldimplement such a program.

In one embodiment, the invention provides a system for identifying aperson, including: an identification card comprising individualizedidentification information including at least one of a fingerprint dataand a retinal scan data, and a DNA data, where one of the fingerprintdata and the retinal scan data is hashed together with the DNA data toform an individualized identification hash; and a processor configuredto: connect to at least one interrogation database comprising aplurality of interrogation DNA data; interrogate the at least onedatabase wherein each of the plurality of interrogation DNA data ishashed together with the at least one of the fingerprint data and theretinal scan data of the individual to form a plurality of interrogationdatabase identification hashes; compare each of the plurality ofinterrogation database identification hashes to the personalidentification hash; report a match of the database identification hashto the individualized identification hash, if found; and optionally,where the processor is configured to read at least one of thefingerprint data and the retinal scan data at a point of contact,wherein the at least one of the fingerprint data and the retinal scandata is confirmed at the point of contact; and report if a match is notfound. Additionally, the identification card may contain an enrollmentverification certification, wherein the processor retrieves theenrollment verification certification and interrogates an enrollmentdatabase to verify the authenticity of the identification card. Thesystem may further include computer readable instructions, which whenexecuted by the processor, operates on individualized identificationinformation of an individual comprising an individualized biometric dataof at least a first class and an individualized identification hashcomprising the individualized biometric data of the first class and anindividualized biometric data of a second class, and instructs theprocessor to connect with at least one interrogation database comprisinga plurality of interrogation biometric data of the second class;interrogate the at least one interrogation database wherein each of theplurality of interrogation biometric data of the second class is hashedtogether with the individualized biometric data of the first class toform a plurality of interrogation database identification hashes;compare each of the plurality of interrogation database identificationhashes to the individualized identification hash; and report whether amatch of the interrogation database identification hash to theindividualized identification hash is found.

Methods of Use for the System of the Invention.

The identification systems, which may or may not include verificationcomponents and/or enrollment components, may be used in many methods ofidentification of an individual. Individualized identificationinformation, including individualized biometric data, of any class,combination, or format as described for the identification card andidentification system may be used in the methods of the invention.

One embodiment of a method 400A of identification of an individual isshown in FIG. 4A. An individual presents an identification card 420 whenrequesting access to an entity, transport, information, location,security organization, law enforcement organization, transaction,services, authorized status, or funds. The identification card includesindividualized identification information which includes individualizedbiometric data which is retrieved and read for use in the methods ofidentification. In some embodiments, the identification card does nothave the individualized biometric data present in the local devicepresented at the point of contact. The individualized biometric data maybe retrieved from a remote database upon entry of a password or otherelectronic entry permission granting procedure for any of the followingsteps of the methods of identification, verification and/or enrollment.In some embodiments, the remote database may be the enrollment database.

A first individualized identification hash (IIH, 402), formed from anindividualized biometric data of a first class and an individualizedbiometric data of a second class, and an individualized biometric dataof the first class (IDBI, 403) may be retrieved from the identificationcard 420. The processor may retrieve the individualized identificationhash 402 and the individualized biometric data of the first class 403from the identification card and may determine what classes of biometricdata are included. Any suitable class of biometric data may be used, asdescribed for the identification card of the system. When any class ofindividualized biometric data is a DNA data, then the DNA individualizedbiometric data is stored in a hashed form. In some embodiments, the hashis a one-way hash. The processor may optionally include the step ofconverting the individualized biometric data of the first class to adigitized individualized biometric data, if it had been stored as agraphical individualized biometric data, alphanumeric representation ora barcode, on the identification card. The processor may access at leastone interrogation database (470 ₁ to 470 _(n)) which contains aplurality of interrogation biometric data of the second class whereineach of the plurality of interrogation biometric data of the secondclass may have an interrogation database identifier (NDB₁ to NDB_(r) andNDB_(r+1) to NDB_(r+s), (404 ₁ to 404 _(r) and 404 _(r+1) to 404_(r+s))). The processor may retrieve the plurality of interrogationbiometric data of the second class and, if necessary, reorder each ofthe plurality of interrogation biometric data of the second class to bepresented in the same order and manner as that of the individualizedbiometric data of the second class. The processor may hash each of theplurality of interrogation biometric data of the second class (404 ₁ to404 _(r) and 404 _(r+1) to 404 _(r+s)) together with the individualizedbiometric data of the first class 403 to form a plurality ofinterrogation database identification hashes (IDIH₁ to IDIH_(r) andIDIH_(r+1) to IDIH_(r+s) (element nos. 405 ₁ to 405 _(r) and 405 _(r+1)to 405 _(r+s))). Each of the plurality of interrogation databaseidentification hashes (405 ₁ to 405 _(r) and 405 _(r+1) to 405 _(r+s))may be compared (406) to the individualized identification hash (IDH,402). A report may be issued whether a match of one or more of theinterrogation database identification hashes to the individualizedidentification hash (409) is found. If no match is found, the individualmay continue the process towards access to the entity, transport,information, location, security organization, law enforcementorganization, transaction, services, authorized status, or funds (408).When a match is identified, then a report 409 is issued concluding thata match was identified and may require further investigation of theindividual before any further steps may be taken in the request foraccess.

Other embodiments of methods, 400B, of identification of an individualare shown in FIG. 4B. An individual presents an identification card 420when requesting access to an entity, transport, information, location,security organization, law enforcement organization, transaction,services, authorized status, or funds. The processor may retrieve anenrollment verification certification 411 from the identification card,and interrogate the enrollment database 475. This can be performed inseveral ways, one of which is to search for a matching enrollmentverification certification, whereupon the processor may furtherdetermine whether the other information present on the identificationcard 420 accompanying the enrollment verification certification 411matches (412) the record of what was stored in the card 420 at the timeof enrollment. Alternatively, the processor can search for theindividual to whom the card 420 was issued and may determine whether theenrollment verification certification 411 retrieved from theidentification card 420 matches (412) the enrollment verificationcertification assigned to the card at the time of issuance to theindividual. If a match is found, the method of identifying theindividual continues. If no match is found, the processor may report(414) that no match has been found and the access request process ishalted for further investigation. The report (414) may include notifyinganother system and/or authority. The processor may additionally initiatean alarm to prevent the individual from leaving the point of contactwithout further investigation by an authority.

A first individualized identification hash (IIH, 402), formed from anindividualized biometric data of a first class and an individualizedbiometric data of a second class, and an individualized biometric dataof the first class (IDBI, 403) may be retrieved from the identificationcard 420 by the processor. Any suitable class of biometric data may beused, as described for the identification card of the system. When anyclass of individualized biometric data is a DNA data, then the DNAindividualized biometric data is stored in a hashed form. In someembodiments, the hash is a one-way hash. The processor may access atleast one interrogation database (470 ₁ to 470 _(n)) which contains aplurality of interrogation biometric data of the second wherein each ofthe plurality of interrogation biometric data of the second class has aninterrogation database identifier class (NDB₁ to NDB_(r) and NDB_(r+1)to NDB_(r+s), element nos. (404 ₁ to 404 _(r) and 404 _(r+1) to 404_(r+s))). The processor may hash each of the plurality of interrogationbiometric data of the second class together with individualizedbiometric data of the first class to form a plurality of interrogationdatabase identification hashes (IDIH₁ to IDIH_(r) and IDIH_(r+1) toIDIH_(r+s), element nos. (405 ₁ to 405 _(r) and 405 _(r+1) to 405_(r+s))). Each of the plurality of interrogation database identificationhashes (405 ₁ to 405 _(r) and 405 _(r+1) to 405 _(r+s)) may be compared(406) to the individualized identification hash (IIH, 402). Any match ofone or more of the interrogation database identification hashes to theindividualized identification hash may be reported (409). The accessrequest process may be halted for further investigation of theindividual. The report (414) may include notifying another system and/orauthority. The processor may additionally initiate an alarm to preventthe individual from leaving the point of contact without furtherinvestigation by an authority.

If no match (407) is found, the individual may continue the processtowards access to the entity, transport, information, location, securityorganization, law enforcement organization, transaction, services,authorized status, or funds (408).

In another embodiment of a method of identification, the processor mayretrieve the individualized biometric data of the first class, which iscompared directly to interrogation database entries of the same class.This may be performed either independently or along with the comparisonof interrogation database identification hashes formed from biometricdata of the second class, as described above. In yet other embodiments,the individualized biometric data of the third or more class isretrieved from the identification card and matched with interrogationdatabase biometric data of the equivalent class. Any suitable class ofbiometric data may be used, as described for the identification card ofthe system. If the individualized biometric data of the third or moreclass is a DNA data and is present as a second or more individualizedidentification hash, it is compared with interrogation databaseidentification hashes formed as described above for the individualizedbiometric data of the second class, and using steps of comparison asdescribed as suitable for the individualized biometric data of thesecond class. If matches of the individualized biometric data of thefirst class or of the third or more class are identified, a report maybe issued and the access request process may be halted for furtherinvestigation of the individual.

Other embodiments of methods, 400C and 400D, of identification of anindividual are shown in FIG. 4C and FIG. 4D. The method ofidentification of an individual may be performed using partial DNAprofiles. This may occur when the at least one interrogation databasehas incomplete or degraded DNA profile entries. In some embodiments, itmay be determined whether at least one interrogation database containsinterrogation biometric data which may be incomplete, degraded, or hasportions of the biometric data obscured by contaminants. It mayadditionally determine what portions of interrogation biometric data areavailable for comparison with individualized biometric data. As shown inFIG. 4C, one embodiment 400C of the method includes an identificationcard 420 presented by the individual may have a plurality of partialindividualized identification hashes formed from individualizedbiometric data of the first class with partial DNA profiles (PIIH₁ toPIIH_(k)), along with the first individualized identification hashformed from the individualized biometric data of the first class and theindividualized biometric data of the second class which is a DNA profile(IIH). In some embodiments, the hash is a one-way hash. In onenon-limiting example, the individualized biometric data of the firstclass is a fingerprint scan data or an iris scan data. The plurality ofpartial individualized identification hashes may be formed from each DNAprofile component contributing to the DNA profile as acquired for theindividual. For example, a plurality of individualized identificationhashes may be formed using each DNA STR locus separately, or everycombination of subsets, or any selection of such grouping of DNA STRloci. One non-limiting example is the use of the subset of SNA STR locias follows: CS1PO, D7820, D13S317, D16S539, D18S51, D21S11, FGA,D2S1338, and amelogenin. A partial individualized identification hashused in the comparison with partial interrogation database DNA biometricdata may be formed from a subset of two or more, three or more, four ormore, five or more, six or more, seven or more, or eight or more STRloci. Optionally, the identification card may include descriptors of theloci used to form the partial individualized identification hashes forcomparison against equivalent interrogation database biometric data.

Each of the plurality of partial individualized identification hashes(PIIH₁ to PIIH_(k)) may be compared (406) to a potentially partialinterrogation database identification hash (IDIH₁) formed from theindividualized biometric data of the first class (IBD₁) and apotentially incomplete or partial DNA STR data entry of the at least oneinterrogation database (NDB₁). In some embodiments, comparison (406)between the first individualized identification hash (IIH) and theinterrogation database identification hash (IDIH₁) is also performed. Inother embodiments of the method, comparison (406) of the plurality ofpartial individualized identification hashes (PIIH₁ to PIIH_(k)) to theinterrogation database identification hash (IDIH₁) is performed withoutthe first individualized identification hash (IIH) being compared to theinterrogation database identification hash (IDIH₁).

A report (409) may be issued for any matches found between any of theplurality of individualized identification hashes (complete or partial,element nos. (402 ₁ to 402 _(1+k)) and the interrogation databaseidentification hash. The report may include whether the complete set ofSTR loci (as contained in IIH) or which subset or subsets of STR loci(as contained in PIIH₁ to PIIH_(k)) provided a match, as the identity ofthe STR loci may be identifiable without revealing the individual'salleles, thus still providing privacy. A match may be reported when thepartial individualized identification hash used in the comparison isformed from a subset of two or more STR loci. In other embodiments, amatch may be reported when the partial individualized identificationhash used in the comparison is formed from a subset of three or more,four or more, five or more, six or more, seven or more, or eight or moreSTR loci. In other embodiments, a match may be reported when more thanone partial individualized identification hash matches the partialinterrogation database identification hash. One of skill may determinewhich subsets or combination of subsets of STR loci provides asignificant match of identity to an interrogation database entry, and/orthe computer program may instruct the processor to perform thedetermination and resultingly report a significant match. Alternatively,if no matches were found, with any of the group of individualizedhashes, screening of the interrogation database entry (NDB₁) iscomplete. The process of forming an interrogation databaseidentification hash with the next entry in the interrogation database(NDB₂); comparing the resulting interrogation database identificationhash IDIH₂ with the plurality of individualized identification hashes(402 ₁ to 402 _(1+k)); and reporting whether any matches wereidentified.

In another embodiment 400D as shown in FIG. 4D, another method toidentify an individual is described. A plurality of partialinterrogation identification hashes (L₁IDIH₁ to L_(j)IDIH₁, elements 405₁-405 _(j)) may be formed using the individualized biometric data of thefirst class (IBD₁) of the individual and each loci of the DNA data(L₁NDB₁ to L_(j)NBD₁, elements 404 ₁-404 _(j)) of the interrogationdatabase entry (NDB₁), where the DNA data may not have all of the lociof a complete DNA profile, as acquired for the individual at the time ofenrollment. A plurality of partial individualized identification hashes(PIIH₁ to PIIH_(h)) are retrieved, where the partial individualizedidentification hashes had been formed from the individualized biometricdata of the first class (IBD₁) and each of the loci of the DNA profiledata of the individual, having a total of h loci.. Each of the pluralityof partial individualized identification hashes (PIIH₁ to PIIH_(h)) maybe compared with each of the plurality of partial interrogation databaseidentification hashes (L₁IDIH₁ to L_(j)IDIH₁, elements 405 ₁-405 _(j)).Matches can be identified and reported and the report may includenotation of which specific loci matched. A report may also include aconclusion of finding a significant match. If no matches are found, areport indicating that screening of the interrogation database entry(NDB₁) is complete. The steps of this method may be repeated for everyinterrogation database entry, NDB₁ to NDB_(r) and similarly for everyother database to be interrogated.

In another embodiment of the method of FIG. 4D, one or more specificpartial interrogation identification hashes may be formed using theindividualized biometric data of the first class (IBD₁) of theindividual and selected loci of the DNA data of the interrogationdatabase entry. For example, it may be determined if a particular subsetof loci of DNA data is available in specific interrogation databaseentry (NDB₁). One non-limiting example is the use of the subset of locias follows: CS1PO, D7820, D13S317, D16S539, D18S51, D21S11, FGA,D2S1338, and amelogenin. Such a specifically selected partialinterrogation database identification hash may be formed from theindividualized biometric data of the first class (IBD₁) of theindividual and the specifically selected subset of loci of theinterrogation database entry (NDB₁), and compared to a partialindividualized identification hash (for example a g^(th) partialindividualized identification hash, PIIH_(g)) of the total of k partialindividualized identification hashes of FIG. 4C which had been formedfrom a respective selected subset of DNA loci and the individualizedbiometric data of the first class (IBD₁) of the individual. Matches maybe reported as described above. One of skill may determine specificcombinations of selected subsets of STR loci of DNA data that provideuseful matches for reporting. Selected combinations of selected subsetsmay not require every loci of a complete STR DNA panel to be present inthe interrogation database entry, while still providing a statisticallysignificant match.

In various embodiments, comparison of the individualized identificationhash (IIH) with each of the plurality of partial interrogation databaseidentification hashes (L₁IDIH₁ to L_(j)IDIH₁) may or may not beperformed when partial individualized identification hashes are comparedto partial interrogation database identification hashes (L₁IDIH₁ toL_(j)IDIH₁).

In any embodiment when the database entry may not have a complete DNAprofile, a report may issue including percentage of alleles matcheddata, and number of loci compared. One of skill may customize therequirements for threshold matching criteria in order to determinewhether the results constitute identification of a significant match.

Alternatively, the processor may assign probabilities that thecomparisons between the partial individualized identification hashes andthe partial interrogation data hashes represent a significant likelihoodof a match. A match may be reported when these conditions are met.

In other embodiments, a report may be issued indicating that a lessstringently defined association has been found between the interrogationdatabase entry and the individual presenting the identification card.The report may indicate a potential familial connection, i.e., son,brother, or father, but not an identification permitting confirmationthat the individual presenting the card is the same individual whose DNAdata is that of the interrogation database entry.

In any of the embodiments of the methods of identification, each of theinstances of the at least a first class of individualized biometricdata, the at least a first individualized identification hash and/or oneor more partial individualized identification hashes may be retrieved asa barcode, alphanumerical or a graphical representation. The barcode maybe a two dimensional barcode, including but not limited to a matrixbarcode. In some embodiments, each of these instances of individualizedbiometric data is retrieved from an identification card.

Verification. In other embodiments, steps including verification areperformed at the same time or prior to the identification methods. Theverification method steps are shown schematically in FIGS. 5A and 5B. Afirst class, or more, of individualized biometric data (IBD₁ to IBD_(M))is retrieved from the identification card 520 presented by an individualat a point of contact. The processor determines what classe(s) ofindividualized biometric data are retrieved (517). The processorconnects to individualized biometric data confirmation components 1-m(580 ₁-580 _(m)), and acquires each of 1-m biometric data from theindividual at the point of contact. The processor extracts each featureF₁ to F_(m) (515) and processes each feature (516) to present each F₁ toF_(m) in the same format, digitized or undigitized, hashed or nothashed, and with any further processing necessary to present theprocessed locally acquired biometric data PF₁ to PF_(m) in the sameformat as the individualized biometric data of class Ito class M. Eachlocally acquired biometric data is compared (518) to the individualizedbiometric data of the same type, as retrieved from the identificationcard 520.

If the one or more locally acquired biometric data is found to match(519) the one or more individualized biometric data stored on theidentification card, a report (522) may be sent verifying the identityof the individual as the individual whose biometric data is stored onthe identification card. The method of identification of the inventionis then initiated, as shown any of the non-limiting examples describedherein.

If a match (519) is not found in one or more classes of biometric data,the request processing is stopped, a report (521) is sent, and furtherinvestigation may be required before any further step of theidentification system is taken.

FIG. 5B shows another embodiment of verification methods, which, inaddition to the steps discussed above for FIG. 5A, adds the steps ofretrieving (523) an enrollment verification certification (EVC) from theidentification card. The enrollment database 575 is interrogated. Thiscan be performed in several ways, one of which is to search for amatching enrollment verification certification, whereupon the processorfurther determines whether the other information present on theidentification card 520 accompanying the enrollment verificationcertification EVC matches (525) the record of what was recorded to thecard 520 at the time of enrollment. Alternatively, the processor cansearch for the individual to whom the card 520 was issued and determinewhether the enrollment verification certification EVC retrieved from theidentification card 520 matches (525) the enrollment verificationcertification assigned to the card at the time of issuance to theindividual. If a match is found, the method of verifying the identity ofthe individual at the point of contact continues, as described in theequivalent steps of the method of FIG. 5A. If no match is found, theprocessor reports (526) that no match has been found and the accessrequest process is halted for further investigation. The report (526)may include notifying another system and/or authority. The processor mayadditionally initiate an alarm to prevent the individual from leavingthe point of contact without further investigation by an authority.

Enrollment to Obtain an Identification Card by an Individual.

As part of enrollment, an individual is required to submit two or moretypes of biometric data. A schematic of several embodiments ofenrollment are depicted in FIGS. 6A, 6B, 7A and 7B.

In any embodiments, where the identification card itself does not carryindividualized identification information including the individualizedbiometric data of the individual, a password or other electronic entrypermission granting device is stored on the card. This permits theretrieval of the individualized identification information, uponpresentation of the identification card at the point of contact, fromanother database, which may be the enrollment database. As shown in FIG.6A, biometric data of the first class is collected by biometric dataacquisition component I (690 ₁) and converted to a digital electronicformat (627). Some examples of suitable biometric data of the firstclass include, but are not limited to fingerprints and palmprints; bodygeometry features, including but not limited to ear, hand, finger, andthe like; facial features; face images; voice; voice prints; opticalrecognition, including but not limited to iris scans and retinal scans;infrared identification, including but not limited to face, hand, andhandvein; and the like. In one embodiment, one instance of the biometricdata of the first class (IBDI) is stored on the identification card, inthe digitized electronic format (628). In some embodiments, thebiometric data of the first class (IBDI) is hashed in an invertible formprior to storage on the card (633). In other embodiments, the biometricdata of the first class (IBDI) is hashed in a non-invertible form priorto storage on the card (633). In some embodiments other post processingof the electronically digitized biometric data of the first class (IBDI)is performed. In other embodiments no post processing of theelectronically digitized biometric data of the first class (IBDI) isperformed. In yet other embodiments, the biometric data of the firstclass (IBDI) is stored with no further processing after the initialacquisition, i.e. as a raw image of a biometric data, including but notlimited to a fingerprint scan data, a retinal scan data and an iris scandata. In other embodiments, a second instance of the biometric data ofthe first class is stored on the identification card, where the secondinstance is stored in a different format than the first instance. In onenon-limiting example, a fingerprint scan data may be stored in both agraphical representation and additionally, in a digitizedrepresentation.

Many kinds of algorithms may be used to convert graphical scan data suchas fingerprint, iris, retina, facial feature recognition, body geometryand others into digitized representations (templates), and the specificdisclosure provided herein is not meant to be limiting.

The second class of biometric data is obtained by biometric dataacquisition component II (690 ₂), and may be one of any class ofbiometric data. When the second class of biometric data is nucleic acid,i.e. either DNA or RNA, a sample of the individual's DNA is collectedand analyzed (690 ₂). The results are converted to a digital electronicformat (629). The digitized individualized biometric data of the secondclass (IBDII) is hashed with the electronically digitized first class ofbiometric data (IBDI) of the individual (631) to produce anindividualized identification hash (IIH). In some embodiments thehashing process is invertible. In other embodiments, the hashing processis noninvertible. Only the individualized identification hash (IIH, 632)is stored on the identification card (620).

In other embodiments, as shown in FIG. 6B, along with the stepsdescribed in the embodiments 600A, an additional process is added to theenrollment methods. The processor, at the time of enrollment,additionally assigns (634) and deposits a unique enrollment verificationcertification (EVC, 611) into the enrollment database and stores a copyof the unique enrollment verification certification (EVC) in theidentification card 620. The enrollment verification certification canbe retrieved at the point of contact when the individual requests accessto an entity, transport, information, location, security organization,law enforcement organization, transaction, services, authorized status,or funds to assure that the card was issued from the enrollmentdatabase, as discussed above.

Additional classes of biometric data may also be obtained from theindividual (FIGS. 7A and 7B), for example, fingerprints and palmprints;body geometry features, including but not limited to ear, hand, finger,and the like; facial features; face images; voice; voice prints; opticalrecognition, including but not limited to iris scans and retinal scans;infrared identification, including but not limited to face, hand, andhandvein; and the like. In some embodiments the additional classes ofbiometric data include nucleic acids data. The biometric data of thefirst class is collected by biometric data acquisition component I (790₁) and converted to a digital electronic format (735), as discussedabove for the embodiments of FIGS. 6A and 6B, and including the sameclasses of biometric data. One instance of the biometric data of thefirst class (IBDI) is stored on the identification card, in thedigitized electronic format. The digitized electronic biometric data ofthe first class (IBDI) may have been further processed (744) asdiscussed for the embodiments of FIGS. 6A and 6B, prior to storage onthe identification card 720. The second class of biometric data isobtained by biometric data acquisition component II (790 ₂), and may beone of any class of biometric data. When the second class of biometricdata is nucleic acid, i.e. either DNA or RNA, a sample of theindividual's DNA is collected and analyzed (790 ₂). The second class ofbiometric data is processed (737) as in the embodiments of FIGS. 6A and6B.

The digitized individualized biometric data of the second class (IBDII)is hashed with electronically digitized first class of biometric data(IBDI) of the individual (739) to produce an individualizedidentification hash (IIH). In some embodiments the hashing process isinvertible. In other embodiments, the hashing process is noninvertible.Only the individualized identification hash (IIH, 739) is stored on theidentification card (720).

The third or more classes of biometric data are acquired by biometricacquisition component III (790 ₃), and so forth. The third or moreclasses of biometric data may be converted to a digital electronicformat (IBDIII, 741). The third or more classes of biometric data may behashed before storage on the identification card (743). In someembodiments the hash of the third or more classes of biometric data isinvertible. In other embodiments the hash of the third or more classesof biometric data is non-invertible. In some embodiments other postprocessing of the electronically digitized biometric data of the thirdor more class is performed. In other embodiments no post processing ofthe electronically digitized biometric data of the third or more classis performed.

When a biometric data including a nucleic acids profile, either DNA orRNA, is used, for example as a biometric data of the third or moreclass, it may also be hashed with the electronically digitized biometricdata of the first class, prior to storage on the identification card. Insome embodiments, the hashing of the DNA or RNA containing third classof biometric data and the first class of biometric data is invertible.In other embodiments, the hashing of the DNA or RNA containing thirdclass of biometric data and the first class of biometric data isnon-invertible. The individualized biometric data of the first class(IBDI), individualized identification hash (IIH) and the individualizedbiometric data of the third class (IBDIII) are stored on theidentification card 720, and so on for any additional classes ofindividualized biometric data. The individualized biometric data of thethird class may be of the form of an individualized identification hash.

In other embodiments of the method, as shown in FIG. 7B, along with thesteps described in the embodiments FIG. 7A (700A), an additional processis added to the enrollment methods. The processor, at the time ofenrollment, additionally assigns (745) and deposits a unique enrollmentverification certification (EVC) into the enrollment database and storesa copy of the unique enrollment verification certification (EVC) in theidentification card 720. The enrollment verification certification canbe retrieved at the point of contact when the individual requests accessto an entity, transport, information, location, security organization,law enforcement organization, transaction, services, authorized status,or funds to assure that the card was issued from the enrollmentdatabase, as discussed above.

In any of the embodiments of the enrollment methods, a plurality ofpartial individualized identification hashes may be formed from each ofthe individual DNA profile components contributing to a complete DNAprofile, and stored on the identification card. For example, a pluralityof individualized identification hashes may be formed using each DNA STRlocus separately, or every combination of subsets, or any selection ofsuch grouping of DNA STR loci. One non-limiting example is the use ofthe subset of SNA STR loci as follows: CS1PO, D7820, D13S317, D16S539,D18S51, D21S11, FGA, D2S1338, and amelogenin. A partial individualizedidentification hash used in the comparison with partial interrogationdatabase DNA biometric data may be formed from a subset of two or more,three or more, four or more, five or more, six or more, seven or more,or eight or more STR loci. Optionally, descriptors of these partialindividualized identification hashes may be stored on the identificationcard during enrollment, for comparison against equivalent interrogationdatabase biometric data in any of the methods of identification.

In any of the embodiments of the methods of enrollment, each of theinstances of the at least a first class of individualized biometricdata, the at least a first individualized identification hash and/or oneor more partial individualized identification hashes may be as abarcode, alphanumerical or a graphical representation. The barcode maybe a two dimensional barcode, including but not limited to a matrixbarcode.

Methods of Converting Biometric Data for Storage on the IdentificationCard and for Comparison Between Individualized Biometric Data andInterrogation Biometric Data.

Many modes of digitizing and processing biometric data can beincorporated into the systems and methods of the invention. For example,for fingerprint data, many approaches are available or in development toconvert fingerprint scans to digitized forms and create searchabletemplates. Two major categories include minutia bases templates orpattern based templates. Pattern based templates are graphical imagesthat are compressed for storage but are compared graphically. Minutiaebased approaches, while also derived from a graphical image, can be usedto create mathematical representations of such data for comparison. TheM40 algorithm, utilized by the FBI, is one such mathematicalrepresentation. Another well known method of converting fingerprintimages into an alphanumerical ordered series is the Vucetich Formula.Any reproducible method can be used to convert fingerprint scan datainto suitable numerical or alphanumerical representations. In someembodiments, fingerprint scans are processed in similarly to thosestored in the Integrated Automated Fingerprint Identification System(IAFIS) managed by the FBI.

DNA or RNA profiles can be converted into numerical representations byany suitable coding method. In one nonlimiting example, the profile froma nucleic acids analysis can be represented in terms of a geneidentifier along with a locus identifier, which can be converted usingASCII encoding, in one nonlimiting example. Reordering nucleic acidprofiles to present the same relative order of gene identifier and locusidentifier may be necessary in order to obtain hashes that arecomparable. In some embodiments, the order of presentation may be thesame as the order of presentation as used in CODIS, managed by the FBI.

During the enrollment process, the first class of individualizedbiometric data obtained from an individual may be a fingerprint scandata. The digitized fingerprint scan of the individual may be convertedto alphanumerical, numerical or matrixed values by any of the methodsknown in the art, as discussed above. In some embodiments, a firstinstance of the converted digitized fingerprint data is stored on theidentification card. The second class of biometric data may be a DNA orRNA profile, which has been converted into an alphanumeric, numeric ormatrixed value as discussed above. A second instance of the converteddigitized fingerprint data is hashed together with the converteddigitized DNA or RNA profile data of the individual, using, for example,a fuzzy hashing tool, to create a hashed value, which is stored on theidentification card, as the individual information hash. In someembodiments, this hashed value is a barcode. In some embodiments, thebarcode is a two dimensional barcode, including but not limited to amatrix code. In some embodiments, the hashing is a one-way hashing whichprovides a collision-free mechanism, and provides a product hash havinga fixed length. Similar methods are used for any additionalindividualized identification hashes and/or one or more partialindividualized identification hashes.

During the identification process, the processor retrieves the convertedfingerprint data of the individual; accesses at least one interrogationdatabase; and retrieves the plurality of interrogation biometric data ofthe second class, for example, DNA or RNA profiles of high riskindividuals. The processor reorders each of the plurality ofinterrogation biometric data of the second class, if necessary; andconverts each of the plurality of interrogation biometric data of thesecond class to an alphanumeric, numerical, or matrixed value of thesame format as the individualized biometric data of the second class.The processor hashes the converted fingerprint data of the individualwith each converted, digitized DNA or RNA data of the interrogationdatabase, using the same hashing tools as used in the enrollment of theindividual. In some embodiments, the hashing tool is a fuzzy hashingtool. Similar methods are used to form one or more partial interrogationdatabase identification hashes. Each of the plurality of interrogationdatabase identification hashes so formed is compared to theindividualized identification hash retrieved from the identificationcard. The comparison may be made by a fuzzy hashing algorithm, seekingsubstantial identity but not requiring perfect identity. If substantialidentity is found, a match is reported and further investigation of theindividual as a high risk individual may follow.

In some embodiments, the processor performs comparison between theindividualized biometric data of the first or third or more class andinterrogation databases having biometric data of the respective classes.The method may include the steps of reordering or reorganizing thebiometric data in the interrogation databases to be in the same order orpresented in the same manner as that of the individualized biometricdata. The method may also include the steps of processing the biometricdata of the interrogation databases to be represented, encoded ormathematically manipulated in the same way as that of the individualizedbiometric data. Additionally, when the individualized biometric data ofany of these classes includes a DNA data, and is present as aindividualized identification hash formed from a combination of anindividualized biometric data other than a DNA data with the DNA data,then the method includes steps for retrieving an instance of theindividualized biometric data of the class other than the DNA data, andforming a plurality of interrogation database identification hashesand/or partial interrogation database identification hashes with DNAdata of the interrogation database as described above; comparing theplurality of interrogation database identification hashes with theindividualized identification hash; and reporting whether a match hasbeen found.

In yet other embodiments, the processor performs a comparison betweenpartial or degraded DNA profiles in an interrogation database and aplurality of individualized identification hashes containing partial DNAprofile data stored on the identification card. The processor mayperform a weighting analysis to determine if a threshold probability hasbeen attained to permit reporting a match. In any embodiment when thedatabase entry may not have a complete DNA profile, the processor mayissue a report including percentage of alleles matched data, and numberof loci compared. One of skill may customize the requirements forthreshold matching criteria in order to program the processor to reportwhether the results constitute identification of a significant match.

Alternatively, the processor may assign probabilities that thecomparisons between the partial individualized identification hashes andthe partial interrogation data hashes represent a significant likelihoodof a match. A match may be reported when these conditions are met.

Method of Producing the Identification Card.

An identification card is produced by acquiring individualized biometricdata of at least a first and a second class from the individual. Theindividualized biometric data of the first class is converted into adigitized biometric data. At least a first instance of the digitizedbiometric data of the first class is stored on the identification card.In some embodiments, a second instance of the biometric data of thefirst class is stored on the card. The second instance of the biometricdata may be stored on the identification card in a different format thanthe first instance of the biometric data of the first class. Onenon-limiting example the identification card may include a fingerprintdata scan stored as a digitized data string and may also have agraphical representation of the fingerprint scan stored on theidentification card. The individualized biometric data of the secondclass may be converted into a digitized biometric data and is hashedwith another instance of the digitized individualized biometric data ofthe first class to form a first individualized identification hash. Thefirst individualized identification hash is stored on the identificationcard. In some embodiments, the individualized identification hash is aone-way hash. In some embodiments, more than one individualizedidentification hash and/or a plurality of partial individualizedidentification hashes may be stored on the identification card. In someembodiments, the first instance of the individualized biometric data ofthe first class is hashed in an invertible form prior to storage on thecard. In some embodiments, more than two classes of individualizedbiometric data are acquired, converted to digital electronic formats,and stored on the identification card. When any third or more class ofindividualized biometric data is a DNA data, it is hashed with a non-DNAindividualized biometric data prior to storage on the identificationcard. When the third or more class of individualized DNA biometric datais hashed with non-DNA individualized biometric data, the hashing may beone-way. In some embodiments an enrollment verification certification isstored on the card. In any embodiments, where the identification carditself does not carry individualized identification informationincluding the individualized biometric data of the individual, apassword or other electronic entry permission granting device is storedon the card. This permits the retrieval of the individualizedidentification information, upon presentation of the identification cardat the point of contact, from another database, which may be theenrollment database.

The storing of any of the biometric data on the identification may beaccomplished by any suitable method, including but not limited tographical, text, pictorial, barcode, alphanumeric or two dimensionalmarking. The marking may be magnetic, visually readable, or electronic.The identification card may further comprise parametic identificationembedded or printed on it.

EXAMPLES

The specific algorithms described in these examples, used to convertgraphical scan data such as fingerprint, iris, retina, facial featurerecognition, body geometry and others into digitized representations(templates) are non-limiting examples of the types of algorithms thatmay be used. Many other mathematical manipulation types are envisionedto produce useful digitized representations and identification hashesfor the methods of the invention.

Example 1. Enrollment of an Individual Using Fingerprint Scan Data andDNA Data

An individual produces a sample of personal biological material for DNASTR profiling and presents a single digit to be scanned by a FutronicsRIPS201/PIV USB 2.0 fingerprint scanner.

The individual's biological sample is processed to extract the crudeDNA, the DNA is amplified using primers and a DNA STR profile isdetermined by analysis using an Identifiler® STR kit (LifeTechnologies). The results are presented as a string of digits,representing the number of alleles found for each loci, ordering theloci as AMEL, CSF1PO, D13S317, D16S539, D18S51, D19S433, D21S11,D2S1338, D3S1358, D5S81, D7S820, D8S1179, FGA, TH01, TPDX, vWA, and canbe written as data string 001:

-   -   XX101288111218201515.2293120231516111210121414202679891719

The fingerprint scan obtained as above is output as a numerical templateby VeriFinger SDK 6.4 (NeuroTechnology), represented here as data string002:

-   -   0011590196419806A-0021793194820116A-0031326195319806B-0041458224320411-B-0051808211120306A-0061956290321816A-0072123347221811B-0082017234522406-A-0091758237022111B-0102123254822406A-0112123271022106A-0122403272022911-A-0132327298003916A-0141773249703716A-0152123249704306A-0162301271004006-A9.014:009.015:169.016:AFIS/FBIA1NMV9.017:UC31319.020:09.023:00115901935018-06A005020090700406255150030225515255150020211100001-0021793195102116A25515-0050400910001020030225515255152551501010000-0031326194601806B0010200404-25515255152551525515255152551501000000-0041458165602411B009010060625515-255152551500304001060050600000011-0051808178802306A25515008030090600406-0010200204255152551500011100-0061956099603816A2551500707255152551500406-01405011060130300001011-0072123042703811B255152551525515255152551500607-013112551500000000-0082017155404406A01501011050140600904005032551525515-2551510101000-0091758152904111B0150201402255152551500401005062551500804-00000100-0102123135104406A0160001103006080140400803015022551525515-01011100-0112123118904106A0130200713006062551501402010032551501603-11000101-0122403117904911A2551501305006100160201002255152551525515-01110000-0132327091921916A0110201205255152551525515255150071100603-11000001-0141773140221716A0040100902008060150501102006052551525515-11110000-0152123140222306A0080125515255152551501602010020060901405-10001101-0162301118922006A0100025515255150120225515013050060901103-10010011,XX101288111218201515.2293120231516111210121414202679891719

The individualized identification hash is obtained by encryption of thecombined strings using MessageDigestClass from Java Encryption API,which includes a revised Secure Hash Algorithm (SHA-1, developed by NSA,and published by NIST) algorithm. The result can be written in a 160 bitdata string as individualized identification hash 003:

-   -   MNSPDUdtQTr3DsqyJVmrCTeFB0M=

An identification card is produced for the individual, having thefingerprint template data string 002 and the individualizedidentification hash 003 present on the card. The identification cardalso includes descriptors for the biometric data string 002 andindividualized identification hash data string 003 that identifies whattype of data (i.e., fingerprint scan template and hashed fingerprinttemplate/DNA profile) is represented by these data strings. Parametricinformation such as name, age, address, citizenship, residency status,and the like is also included.

Example 2. Method of Accessing Information and Interrogating DatabasesContaining DNA Data

The individual presents the identification card of Example 1, and theprocessor reads the data string 002 and data string 003, along with thedescriptors identifying the types of biometric data included in the datastrings and also identifies the method of organizing/reorderingbiometric data used. The processor communicates to a database containingDNA STR data, including, for example, 158 individual STR profilescomprising the same loci as used in Example 1. For each DNA profile inthe database, the processor first reorders the DNA loci of the STRs tobe represented in same order and digitized manner as used in Example 1.The processor forms an interrogation database identification hash byextracting the data string 002 from the identification card of theindividual, and encrypts the combined strings using MessageDigestClassfrom Java Encryption API, to provide an interrogation databaseidentification hash for each of the DNA profiles in the database(interrogation database identification hash 005-1 to 005-158). Eachinterrogation database identification hash is compared by the processorwith the individualized identification hash:

-   -   MNSPDUdtQTr3DsqyJVmrCTeFBOM=of Example 1, and the report is        issued whether a match has been identified:    -   Match found at STR profile:    -   XX101288111218201515.2293120231516111210121414202679891719    -   Generated by fingerprint:        0011590196419806A-0021793194820116A-0031326195319806-B-0041458224320411B-0051808211120306A-0061956290321816A-0072123347221811-B-0082017234522406A-0091758237022111B-0102123254822406A-0112123271022106-A-0122403272022911A-0132327298003916A-0141773249703716A-0152123249704306-A-0162301271004006A9.014:009.015:169.016:AFIS/FBIA1NMV9.017:UC31-319.020:09.023:0011590193501806A0050200907004062551500302255152551500202-11100001-0021793195102116A2551500504009100010200302255152551525515-01010000-0031326194601806B0010200404255152551525515255152551525515-01000000-0041458165602411B0090100606255152551525515003040010600506-00000011-0051808178802306A2551500803009060040600102002042551525515-00011100-0061956099603816A2551500707255152551500406014050110601303-00001011-0072123042703811B2551525515255152551525515006070131125515-00000000-0082017155404406A0150101105014060090400503255152551525515-10101000-0091758152904111B0150201402255152551500401005062551500804-00000100-0102123135104406A0160001103006080140400803015022551525515-01011100-0112123118904106A0130200713006062551501402010032551501603-11000101-0122403117904911A2551501305006100160201002255152551525515-01110000-0132327091921916A0110201205255152551525515255150071100603-11000001-0141773140221716A0040100902008060150501102006052551525515-11110000-0152123140222306A0080125515255152551501602010020060901405-10001101-0162301118922006A0100025515255150120225515013050060901103-10010011,XX101288111218201515.2293120231516111210121414202679891719    -   Creating UID: MNSPDUdtQTr3DsqyJVmrCTeFBOM=

As can be seen, a match is identified between the individual and one ofthe Database entries, which has the same DNA profile.

Example 3. Enrollment of an Individual Using Iris Scan Data and DNA Data

The individual's DNA STR profile is obtained as described in Example 1,and can be written as described above as data string 001:

-   -   XX101288111218201515.2293120231516111210121414202679891719

An iris scan is output as a numerical template using a VeriEye ExtendedSDK Version 2.5 (Neurotechnology), represented here as data string 004:

-   -   78.69.82.16.24.9.16.128.2.224.1.0.223.1.5.2.64.0.32.0.250.7.160.13.95.234.7.224.95.193.        104.5.254.168.15.106.95.213.106.7.210.40.37.224.87.127.0.181.122.10.21.253.108.41.12        5.183.202.130.95.160.125.246.138.21.247.210.160.151.224.160.127.160.181.120.37.232.        87.168.23.250.7.218.8.215.250.7.160.13.95.234.7.160.95.197.120.5.254.168.15.42.95.21        3.122.2.210.168.1.250.87.253.53.165.122.10.85.253.108.161.124.149.250.3.95.128.125.2        42.138.21.245.242.160.23.240.160.127.160.181.120.37.248.23.168.23.250.7.250.33.87.2        24.5.160.149.95.234.130.160.95.213.248.23.248.168.40.169.95.85.104.160.87.194.128.2        54.23.127.85.165.90.9.127.241.124.161.126.133.122.1.254.129.253.234.10.85.247.194.1        60.31.212.168.31.160.149.250.1.248.5.170.23.250.7.248.33.87.240.160.160.221.127.194.        130.160.95.213.252.151.160.40.10.169.95.85.232.40.23.210.128.170.23.223.245.160.90.        9.125.232.124.161.126.129.122.1.255.3.245.42.10.87.255.210.160.23.210.160.127.160.9        5.122.1.248.0.42.23.250.7.248.15.87.213.224.181.245.250.7.130.128.95.213.245.226.160        .95.128.168.95.127.168.40.23.214.128.138.23.87.247.130.10.133.125.232.36.161.126.12        9.126.129.253.122.128.74.3.87.255.90.160.31.218.129.95.160.31.86.160.23.160.10.7.250        .21.248.11.215.213.224.23.245.170.23.194.130.95.213.245.224.160.95.128.168.31.215.2        32.40.23.215.160.128.23.87.215.138.130.149.253.122.0.168.23.160.94.129.245.250.1.12        2.129.95.248.10.136.7.218.1.87.232.10.23.160.7.252.10.3.250.21.250.10.215.213.240.87.        224.42.87.250.130.31.215.245.168.1.94.129.232.23.215.232.2.23.215.160.128.95.215.22        3.138.2.85.245.126.160.168.23.224.94.129.247.234.5.254.129.223.232.10.10.5.90.1.85.2        48.10.23.232.7.254.10.128.170.23.254.10.7.213.253.127.160.42.87.250.2.151.213.254.16        8.15.94.129.232.23.215.234.2.215.215.226.128.95.215.95.13        8.2.87.245.95.160.42.23.248        .94.129.87.232.5.254.129.223.160.10.2.161.126.11.85.248.10.23.232.21.254.2.128.168.2        3.255.10.7.161.245.254.160.15.87.250.2.150.213.254.40.23.250.129.168.23.215.234.3.21        5.215.250.128.95.245.95.138.10.87.213.95.160.42.7.254.2.129.95.160.21.250.129.223.13        8.15.87.129.127.9.213.232.10.23.234.21.254.2.128.168.23.245.250.130.160.85.250.0.23.        215.17.82.87.213.248.2.87.250.2.160.31.87.234.7.224.181.254.128.87.250.10.130.10.95.        215.95.160.42.5.254.130.133.95.160.21.248.1.255.170.7.215.161.122.21.245.168.10.215.        250.21.250.7.224.168.21.245.127.130.130.213.39.192.87.212.46.58.87.245.248.3.215.25        0.2.160.31.87.234.23.224.37.126.160.21.250.2.23.170.95.215.222.160.42.5.126.128.149.        254.128.245.232.5.254.42.31.214.133.248.53.248.168.42.151.95.21.234.7.250.32.117.22        9.127.130.150.213.27.128.87.249.9.83.87.229.248.7.213.234.2.160.53.95.168.23.224.37.        127.160.21.250.128.23.250.31.87.222.160.10.1.254.160.21.250.129.245.232.5.248.40.95.        214.149.232.21.248.32.63.137.95.117.168.23.250.0.117.161.127.130.215.165.11.129.245        .245.9.251.87.224.42.7.213.234.130.160.181.95.160.95.232.41.127.224.149.250.128.23.2        22.15.95.215.170.10.129.254.160.53.250.133.247.160.5.248.40.95.210.149.232.117.248.        0.95.137.95.116.168.21.250.0.245.160.127.131.87.225.75.129.245.255.170.163.87.224.4        2.151.213.224.129.160.165.94.160.95.234.1.87.224.149.254.160.31.222.9.95.87.126.10.1        30.222.168.53.250.5.247.160.53.248.1.95.210.176.169.125.232.1.95.136.95.116.168.23.2        48.0.245.160.63.95.215.225.113.1.245.245.104.107.95.232.42.23.213.160.133.224.161.9        4.160.127.122.0.215.224.149.254.160.31.95.9.95.85.126.2.130.130.168.55.250.133.215.1        68.53.232.1.127.215.160.173.125.232.3.95.136.95.94.168.23.248.2.213.224.161.95.213.2        25.81.1.117.210.53.103.95.232.10.87.208.160.181.240.169.95.160.125.122.128.245.248.        149.254.160.31.95.104.31.117.126.130.30.130.160.125.254.149.223.168.53.232.1.127.21        5.160.181.127.168.3.223.10.31.94.168.23.224.15.245.240.161.255.213.245.122.1.117.21        5.245.155.95.104.10.87.208.129.245.244.168.95.160.125.94.129.245.104.53.120.168.95.        95.122.13.253.126.128.95.128.160.125.119.245.95.168.55.232.5.127.87.160.181.127.168        .14.136.95.13.124.168.23.224.47.165.240.161.127.213.245.122.0.87.252.70.207.95.106.1        0.87.224.181.213.245.168.31.160.61.94.129.252.40.53.120.40.31.253.122.5.253.126.160.        95.128.160.125.117.245.94.160.127.170.9.125.87.160.181.127.40.34.168.95.41.127.40.2        3.224.53.165.240.160.127.95.213.126.160.95.160.62.127.127.74.130.23.224.181.215.245        .234.31.160.61.90.129.252.40.37.120.42.21.253.94.5.253.126.160.95.160.7.253.117.245.        94.160.127.2.168.125.87.224.184.75.124.64.168.95.161.127.168.23.224.53.161.252.160.        127.95.223.86.160.127.160.43.93.127.86.130.23.224.245.215.215.234.31.160.125.90.1.2        45.232.5.120.10.133.253.95.5.125.118.160.95.232.31.200.117.245.90.161.127.2.136.127.        87.245.224.146.5.193.138.159.129.127.160.23.224.63.161.252.160.127.23.219.86.161.12        6.160.23.221.250.23.130.23.245.245.87.215.234.31.160.125.90.129.245.234.1.125.10.12        9.255.95.129.127.128.168.23.232.30.0.85.245.90.160.127.2.128.95.3.215.57.208.72.164.        183.238.129.126.128.21.241.126.161.126.41.127.23.218.23.161.254.160.23.245.168.23.1        30.23.245.252.23.215.234.30.160.125.94.129.245.234.1.125.94.131.95.95.129.95.129.23        2.5.253.126.0.93.252.82.160.127.74.128.95.121.87.168.219.70.81.16.234.129.126.128.18        1.229.126.40.90.236.250.23.250.23.161.254.160.181.245.168.23.168.7.213.254.7.215.23        4.31.160.63.222.129.213.234.5.120.30.10.95.86.131.95.129.232.5.253.120.40.93.244.210        .160.127.74.128.95.252.87.69.34.16.230.40.207.213.126.128.244.133.127.40.90.186.186.        23.250.23.161.254.160.21.245.160.23.232.15.213.250.7.244.170.87.160.31.214.131.213.        232.29.104.31.74.95.2.131.95.193.232.5.245.124.40.31.246.210.160.127.10.129.95.248.5        .29.238.191.219.201.167.87.250.128.248.133.127.40.26.195.184.23.242.151.129.253.168        .21.254.160.87.232.15.213.250.15.88.163.74.232.31.215.215.214.160.125.40.31.250.10.2        .215.87.213.168.15.245.253.40.31.215.210.128.122.10.133.213.251.188.121.74.219.35.1        62.3.87.250.128.232.5.127.104.10.118.232.23.242.135.129.253.168.21.254.0.85.232.1.21        5.240.52.16.161.247.48.15.215.215.130.161.125.40.31.218.8.10.95.87.213.232.15.213.25        3.104.15.151.218.129.250.31.213.236.136.12.119.141.202.2.85.132.243.238.36.232.41.9        5.122.2.160.168.23.242.151.161.245.168.23.250.3.215.232.3.215.232.207.123.21.102.13        1.50.23.215.130.165.124.40.95.218.168.47.95.94.133.234.2.133.245.232.14.135.218.128.        67.95.251.64.193.72.126.133.234.237.193.93.155.0.60.56.40.95.94.128.160.42.151.242.1        35.160.245.232.23.250.11.87.226.12.34.78.149.206.156.34.112.235.123.210.130.181.252        .40.95.94.168.63.95.94.133.250.2.129.245.232.14.129.90.131.180.180.179.114.214.121.5        0.254.64.69.206.174.97.71.5.196.40.31.94.128.248.10.197.250.135.224.247.232.23.232.1        1.87.224.137.232.44.20.84.162.210.137.152.101.242.128.245.248.168.127.94.160.63.93.        126.133.254.130.129.117.232.15.168.90.140.99.183.192.61.232.122.146.37.171.39.173.2        00.40.186.63.249.168.15.95.160.248.23.225.126.5.240.247.232.87.232.11.87.224.44.68.1        82.15.121.205.24.49.22.167.218.133.245.232.160.127.94.160.126.21.122.5.255.130.161.        117.232.21.232.10.131.23.108.240.238.117.111.253.119.174.61.186.186.162.116.31.202.        40.11.95.160.168.87.225.126.129.245.127.202.87.232.9.95.224.71.192.77.230.40.127.4.8        1.42.5.218.133.247.170.160.127.31.168.62.21.122.5.255.128.161.117.224.149.248.10.14        6.245.101.40.29.6.48.113.51.21.123.92.162.51.242.191.42.40.11.95.224.168.87.224.126.        129.245.255.74.87.168.9.95.224.191.109.80.246.69.140.227.224.206.50.154.213.215.130        .129.126.30.40.58.21.120.5.255.160.161.125.224.181.248.10.14.91.5.248.90.162.29.71.1        1.36.212.121.126.199.41.21.223.40.10.95.240.161.87.16.0.16.0.145.228.217.196.249.134        .245.143.143.140.225.227.140.230.198.99.147.192.249.128.240.226.253.142.153.156.19        5.227.140.230.70.103.231.152.252.48.240.240.252.30.12.142.35.129.140.113.134.99.252        .56.252.96.112.240.252.63.6.204.99.1.142.17.192.113.56.118.248.224.121.184.228.63.7.        28.231.28.220.57.128.124.62.241.249.224.241.28.227.191.7.24.198.61.184.95.24.220.21        2.252.225.224.115.140.99.223.130.57.198.57.56.206.24.207.246.225.227.198.115.142.99        .207.128.57.198.124.112.206.56.227.248.244.227.159.51.140.99.231.204.63.204.124.112        .55.49.99.248.193.227.191.19.156.97.247.204.127.140.62.230.179.27.99.108.199.49.255.        147.142.112.243.6.143.140.59.203.87.31.46.100.207.49.231.51.206.100.227.7.142.140.5        6.152.126.39.34.228.198.49.254.35.240.206.15.199.199.137.228.169.181.103.142.228.19        8.113.238.47.161.206.31.97.229.132.223.69.48.131.200.100.206.48.121.230.23.143.62.1        13.228.15.137.8.11.105.195.39.204.50.148.119.135.15.38.113.238.23.179.178.88.128.22        7.

The individualized identification hash is obtained by encryption of thecombined strings using MessageDigestClass from Java Encryption API,which includes a revised Secure Hash Algorithm (SHA-1, developed by NSA,and published by NIST) algorithm. The result can be written in a 160 bitdata string as individualized identification hash 005:

-   -   jLGs0bKsVyf1Sao9/N+mMMo598=

An identification card is produced for the individual, having the iristemplate data string 004 and the individualized identification hash 005present on the card. The identification card also includes descriptorsfor the biometric data string 004 and individualized identification hashdata string 005 that identifies what type of data (i.e., iris cantemplate and hashed iris template/DNA profile) is represented by thesedata strings. Parametric information such as name, age, address,citizenship, residency status, and the like is also included.

Example 4. Method of Accessing Information and Interrogating DatabasesContaining DNA Data

The individual presents the identification card of Example 3, and theprocessor reads the data string 004 and individualized identificationhash data string 005, along with the descriptors identifying the typesof biometric data included in the data strings and also identifies themethod of organizing/reordering biometric data used. The processorcommunicates to a database containing DNA STR data, including, forexample, 158 individual STR profiles comprising the same loci as used inExample 1. Interrogation of each interrogation database identificationhash is performed in the same manner as in Example 2, in this case usingthe data string 004 to form an interrogation database identificationhash for each entry of the interrogation database. Each of the resultinginterrogation database identification hashes is compared with theindividualized identification hash (jLGs0bKsVyf1Sao9/N+mMMo598=) ofExample 3, and the report is issued whether a match has been identified.

While the principles of the present teachings have been described inconnection with specific embodiments of nucleic acid sample preparationand sequencing platforms, it should be understood clearly that thesedescriptions are made only by way of example and are not intended tolimit the scope of the present teachings or claims. What has beendisclosed herein has been provided for the purposes of illustration anddescription. It is not intended to be exhaustive or to limit what isdisclosed to the precise forms described. Many modifications andvariations will be apparent to the practitioner skilled in the art. Whatis disclosed was chosen and described in order to best explain theprinciples and practical application of the disclosed embodiments of theart described, thereby enabling others skilled in the art to understandthe various embodiments and various modifications that are suited to theparticular use contemplated. It is intended that the scope of what isdisclosed be defined by the following claims and their equivalents.

1.-16. (canceled)
 17. An identification card comprising individualizedidentification information of an individual comprising an individualizedbiometric data of at least a first class and a first individualizedidentification hash comprising the individualized biometric data of thefirst class and the individualized biometric data of the second class.18. The identification card of claim 17, wherein when a class ofindividualized biometric data is a DNA data, then the DNA biometric datais present on the identification card in a hashed form.
 19. Theidentification card of claim 17, wherein the individualized biometricdata of the first class is a fingerprint data or a retinal scan data.20. The identification card of claim 17, wherein the individualizedbiometric data of the first class is an iris scan data.
 21. Theidentification card of claim 17, wherein the individualized biometricdata of the second class is a DNA data, selected from the groupconsisting of a STR profile, a SNP profile, an INDEL profile, and an Aluelement.
 22. The identification card of claim 17, wherein theindividualized biometric data of the second class is a DNA datacomprising a STR profile.
 23. The identification card of claim 17,wherein the individualized biometric data further comprises a third ormore class of biometric data selected from the group consisting of afingerprint scan data, iris scan data, retinal scan data, facialrecognition scan data, and body geometry scan data and a DNA data,wherein the DNA data is selected from the group consisting of a STRprofile, a SNP profile, an INDEL profile, and an Alu element.
 24. Theidentification card of claim 17, further comprising a plurality ofpartial individualized identification hashes, wherein each partialindividualized identification hash comprises the individualizedbiometric data of the first class and a partial individualized biometricdata of the second class.
 25. The identification card of claim 17,further comprising an enrollment verification certification. 26.-56.(canceled)